The United States Cybersecurity and Infrastructure Security Agency (CISA) last week announced the release a new guidance document: Trusted Internet Connections (TIC) 3.0 Remote User Use Case.
Meant to provide federal agencies with guidance on securing their networks while ensuring that remote users do have access to internal resources, the document was produced in collaboration with the Office of Management and Budget (OMB), the Federal Chief Information Security Officer Council (FCISO) Trusted Internet Connections (TIC) Subcommittee, and the General Services Administration.
The TIC 3.0 Remote User Use Case is based on the TIC 3.0 Interim Telework Guidance that was released in the spring of 2020, and falls in line with the OMB Memorandum M-19-26, CISA explains.
CISA says the document was finalized after public feedback was received on it. The agency has already published a summary of the received comments and of the modifications that were made, along with additional TIC 3.0 guidance.
A total of four new security capabilities were included in TIC 3.0 Remote User Use Case, namely user awareness and training, domain name monitoring, application container, and remote desktop access.
The TIC 3.0 Remote User Use Case defines the manner in which agencies should apply network and multi-boundary security when an agency user connects to the network from outside of a physical agency premises. Examples include personnel working from home or from a hotel, or connecting from another location.
Three network security patterns were included in the use case: securing remote user access to agency campuses, to agency-sanctioned cloud service providers, and to the web.
“The Remote User Use Case helps agencies preserve security while they gain application performance; reduce costs through reduction of private links; and improve user experience by facilitating remote user connections to agency-sanctioned cloud services and internal agency services as well as supporting additional options for agency deployment,” the document explains.
Related: CISA Opens IPv6 Guidance to Public Feedback
Related: CISA, Microsoft Issue Guidance on Recent Azure Cosmos DB Vulnerability