The structure of the internet has changed significantly over the last two decades, and now agencies are getting guidance to ensure the infrastructure they use is secure no matter how or where employees connect to the network.
Among the many policy updates coordinated by the Office of Management and Budget this year was an update to the government’s Trusted Internet Connection policy. Past versions of the TIC policy have been a proscriptive set of rules for how and where federal employees should be allowed to connect to the internet.
The most recent version—TIC 2—was released in 2008, before the government began to embrace the trends toward cloud and mobile computing.
OMB released a framework in September for the third iteration of TIC, which included a call for the Homeland Security Department to develop a set of use cases agencies could consider when making their own network infrastructure decisions. The administration hopes the use case format will give agencies enough flexibility to make sound security decisions for any kind of network, including those just over the horizon.
Ahead of the holidays, Homeland Security’s Cybersecurity and Infrastructure Security Agency released a draft of the use cases as one part of a five-volume set of TIC 3.0 guidance.
“TIC began with the goal of creating the first federal perimeter security baseline. The initiative focused on large federal agencies reducing the enterprise footprint to approximately 50 connections, or ‘TIC access points,’” Matt Hartman, CISA’s director of network resilience, wrote in a blog post-Friday. “The world marches fo ..
Support the originator by clicking the read the rest link below.
