CISA Releases Temporary Telework Security Guidance
The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued temporary telework guidance "to help agencies leverage existing resources to secure their networks" as the number of federal employees working from home has increased. The Trusted Internet Connections 3.0 Interim Telework Guidance has five security objectives: manage tragic, protect traffic confidentiality, protect traffic integrity, ensure service resilience, and ensure effective response.
While this guidance is set to expire at the end of 2020, and is U.S. Government focused, it provides an approach to accessing cloud and on-premise services with sufficient visibility to ensure security and compliance requirements are met, irrespective of your industry or having a formal TIC.
The Trusted Internet Connect 3.0 update is still in draft but added a lot of much-needed flexibility to make it clear how agencies can do remote user access and use cloud services and still stay secure and stay compliant. Between the Managed Trusted Internet Protocol Services (MTIPS) offered by TIC ISPs on the government EIS and other contracts, and the numerous FedRAMP certified cloud-based Security as a Service offerings, government agencies have both guidance and options to make long lasting improvements in both security and productivity for remote work forces.
Read more in
Fifth Domain: DHS releases new network security guidance for telework