To meet mission needs, federal agencies must interact with databases containing everything from personal records to geographical information to law enforcement data. It’s imperative that these databases comply with the White House zero-trust security mandate. Yet implementing zero trust in legacy database management systems has proven to be problematic.
“A zero-trust model includes supporting tools such as identity and access management, data loss protection, analytics, network security, etc.,” said Jeremy Wilson, EDB’s CTO – North America Public Sector. “Legacy databases often can’t interoperate and integrate with these technologies.”
To comply with zero-trust requirements, federal agencies should look to modernize, Wilson said. A commercial open source database management system empowers them to bring to bear the tools of zero trust across their mission-critical data estate.
“A modernized platform will include open interfaces that allow for integration with these zero-trust technologies,” Wilson said. Such a solution “will be able to accommodate a wide range of technologies and standards in order to meet the zero-trust requirements.”
Open Source Benefits
An open source approach here comes with certain inherent security benefits.
When agencies leverage Postgres, a powerful open source database management system, “one of the advantages from a security perspective is transparency. Since a ‘worldwide community’ is working together, inspecting the source code 24x7x365, there are typically fewer bugs, and what is discovered is remediated quickly,” Wilson said.
A commercial open source solution will take this even further, deploying additional security tools to automate the inspection and discovery of vulnerabilities, so they can be remediated immediately.
“EDB commercializes open source Postgres and builds an enterprise model around it to further enhance security for regulatory compliance,” he said.
Special Attention to Security
In fact, security is a top focus for EDB, whose products are developed specifically to support national security requirements and other highly regulated areas of government.
“Compliance and security are very stringent in these areas, and so we adhere to specific security standards,” Wilson said. Some of those include the Federal Information Processing Standard (FIPS) for encryption, and Security Technical Implementation Guides (STIGs), which hardens the database. The enterprise model incorporates role-based access control, which supports zero trust by limiting what users can see and do within the database. “We’ve incorporated all of these security measures that meet the government standards, and they are built into the enterprise model,” Wilson said.
The U.S. Army, for example, benefits from EDB’s decades of PostgreSQL experience supporting a wide range of missions, including modeling and simulation, satellite communications, research initiatives, and biometric identification. The service has relied on EDB for its robust enterprise database functionality and as an alternative to costly legacy vendors, Wilson said. From a security standpoint, they use EDB Postgres Advanced Server, which provides enhanced security features such as FIPS encryption and DISA STIGs.
With a modern, open source database management system, federal agencies can meet mission needs, while ensuring zero-trust security across this key piece of IT infrastructure.
This article appeared in our guide, “How to Build a Cyber-Savvy Workforce.” To read more about how agencies are raising their cyber game, download it here:
Leave a Reply
You must be logged in to post a comment.