SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

CISA Releases Remote Access Guidance for Government Agencies

The United States Cybersecurity and Infrastructure Security Agency (CISA) last week announced the release a new guidance document: Trusted Internet Connections (TIC) 3.0 Remote User Use Case.

The United States Cybersecurity and Infrastructure Security Agency (CISA) last week announced the release a new guidance document: Trusted Internet Connections (TIC) 3.0 Remote User Use Case.

Meant to provide federal agencies with guidance on securing their networks while ensuring that remote users do have access to internal resources, the document was produced in collaboration with the Office of Management and Budget (OMB), the Federal Chief Information Security Officer Council (FCISO) Trusted Internet Connections (TIC) Subcommittee, and the General Services Administration.

The TIC 3.0 Remote User Use Case is based on the TIC 3.0 Interim Telework Guidance that was released in the spring of 2020, and falls in line with the OMB Memorandum M-19-26, CISA explains.

CISA says the document was finalized after public feedback was received on it. The agency has already published a summary of the received comments and of the modifications that were made, along with additional TIC 3.0 guidance.

A total of four new security capabilities were included in TIC 3.0 Remote User Use Case, namely user awareness and training, domain name monitoring, application container, and remote desktop access.

The TIC 3.0 Remote User Use Case defines the manner in which agencies should apply network and multi-boundary security when an agency user connects to the network from outside of a physical agency premises. Examples include personnel working from home or from a hotel, or connecting from another location.

Advertisement. Scroll to continue reading.

Three network security patterns were included in the use case: securing remote user access to agency campuses, to agency-sanctioned cloud service providers, and to the web.

“The Remote User Use Case helps agencies preserve security while they gain application performance; reduce costs through reduction of private links; and improve user experience by facilitating remote user connections to agency-sanctioned cloud services and internal agency services as well as supporting additional options for agency deployment,” the document explains.

Related: CISA Opens IPv6 Guidance to Public Feedback

Related: CISA, Microsoft Issue Guidance on Recent Azure Cosmos DB Vulnerability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

More from

Latest News

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Why Email Security Keeps Failing (And What Has to Change)
July 8, 2026

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

Virtual Event: 2026 Cloud Security Summit
July 16, 2026

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

Philip Martin has joined Uber as Chief Information Security Officer.

More People On The Move

Expert Insights

No Exploits Required

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Popular Topics

Security Community

Stay Intouch

About SecurityWeek

News Tips

Got a confidential news tip? We want to hear from you.

Submit Tip

Advertising

Reach a large audience of enterprise cybersecurity professionals

Contact Us

Daily Briefing Newsletter

Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.