cloud security

Cloud Smart strategy updates TIC policy

The finalized Cloud Smart strategy doesn't offer much new over the draft released for comment in September 2018, but the Office of Management and Budget wants to retool security to provide flexibility for cloud access.

One big push is to update the Trusted Internet Connection policy that governs outbound agency network traffic. For years the federal government has looked for ways to harmonize its seemingly contradictory TIC and cloud policies, seeking the organizational security benefits of limiting internet access points while also migrating IT infrastructure to the cloud, which leverages multiple access points.

The "once useful" TIC is now "inflexible and incompatible with many agencies' requirements," the cloud smart strategy says, and the maturity of the private cloud market as well as an expected increase in telework means the model originally laid out in 2007 will soon become obsolete to federal IT operations.

TIC has undergone a number of revisions, and officials at Department of Homeland Security who run the program have told Congress that setting security requirements and outcomes for cloud providers, rather than routing traffic through prescribed access points, is a better policy moving forward. According to the cloud smart strategy, DHS is piloting "newer, less rigid approaches" with a number of agencies that comply with this policy and could make it easier for programs like EINSTEIN to use the added computing power to detect and prevent intrusions.

An update to the policy, including alternative models to the TIC architecture, is due from DHS within six months.

A longer version of this article was first posted to FCW, a sibling site to GCN.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected