Federal Zero Trust

On the Federal side - here are a handful of public attestations you can cite. Most recent and most notably the OMB memorandum is effectively a kill order on yesterday's networks and common MFA (VPNs, WAN, SD_WAN, TOTP, Phone base MFA).

  • Directs Federal Agencies to retire VPNs, non-encrypted DNS, and common MFA techniques (TOTP, Phone number based).
  • "The Federal Government can no longer depend on conventional perimeter based (network) defenses."
  • "Users should log into applications, rather than networks".
  • Resources