FNN Executive Briefing: Understanding the Critical Role of UX to Zero Trust

FNN executive briefing zero trust UX cover
This ebook explores the intersection of UX and zero trust security architecture. Government agencies - including U.S. Citizenship and Immigration Services, FDIC, CBP and the Department of Education - and industry thought leaders weigh in on:
  • Making the technology-policy connection
  • Filling the gaps, reducing complexity
  • Education security teams borrow UX ideas from others
  • Moving toward an adaptive defensive posture

The Cybersecurity and Infrastructure Security Agency detailed five pillars in its Zero Trust Maturity Model. The Defense Department has specified seven pillars. John Kindervag of ON2IT, widely considered the father of zero trust, typically refers to four basic zero trust architecture design outcomes.

But whether embracing four, five or seven pillars, federal and industry experts have quickly come to understand one thing matters most when implementing a ZTA: user experience.

During a recent panel discussion convened by Federal News Network, federal chief information security officers and industry experts discussed how if zero trust adoption creates too much user friction, the entire initiative can collapse in on itself.

“It’s not about necessarily minimizing the impact on users. It’s actually being smart about the impact on users. One of my team members often calls it smart friction,” said Shane Barney, CISO for the U.S. Citizenship and Immigration Services in the Homeland Security Department.

“In other words, we’re leveraging and adding in friction where it makes sense based on data. We’re applying it in very, very precise ways,” he continued. “To say that the user experience is always going to be positive and nirvana, I don’t think is legit. I think really what we’re aiming to do is being able to easily defend the security decisions behind why we added friction — where we added it — because you’re going to add friction with this process.”

Barney said friction could come from a change in the geographic location that a user logs in from, for instance, or if the timeframe during which they log into the network is dramatically different than normal.

Jason Miller
Executive Editor
Federal News Network

Download the full report to learn how user experience affects your zero trust goals. Featuring insights from industry leaders are Crowdstrike, Okta and Zscaler.

View and download complete report below.

By supplying my contact information, I authorize Carahsoft and its vendors and partner community to contact me with personalized communications about their products and services. Please review our Privacy Policy for more details or to opt-out at any time.