The agencies can now build safe networks in the age of cloud and mobile with the new draft set of use cases and other instructions.
FREMONT, CA: The internet’s structure has transformed drastically over the last few years. Now, the agencies are receiving guidance for ensuring the infrastructure that they are using is secure regardless of how or where workers connect to the network.
This year, there was an update to the government’s Trusted Internet Connection (TIC) policy. TIC policy’s past version have been a prescriptive set of rules and regulation for where and how federal workers should be allowed to connect to the network.
In September, a framework was released by OMB for the third iteration of TIC, which comprised a call for the Homeland Security Department for developing a set of use cases that agencies can address when making their network infrastructure decisions. The administration anticipates that the format of the use case will equip agencies with sufficient agility to make sound security decisions for any network kind, including those over the horizon.
The objective of TIC is to create the first federal perimeter security baseline. The main focus of this initiative is giant federal agencies decreasing the enterprise footprint to approximately 50 connections or TIC access points.
The outcome is a five-volume draft set of instructions for secure network connections.
• Program Guidebook (Volume 1): This volume outlines the advanced TIC program and comprises a historical context.
• Reference Architecture (Volume 2): In this volume, concepts of the programs are defined for guiding and constraining the various implementations of the security capabilities.
• Security Capabilities Handbook (Volume 3): This volume indexes security capabilities pertinent to TIC.
• Use Case Handbook (Volume 4): This volume presents use cases for a conventional agency office setting and branch offices in remote areas. It describes the required security and architecture capabilities.
• Service Provider Overlay Handbook (Volume 5): This volume introduces overlays that map a service provider’s service functions to the TIC capabilities.
CISA, together with the Federal Chief Information Security Officers Council, is working on extra use cases for partner networks and zero trust, among others. Even then, that volume is not considered to a strict guideline.
See also: Top Government Companies