Stephen Kovac is Vice President of Global Government and Compliance, Zscaler.
The American Technology Council (ATC) recently released the final version of the Report to the President on Federal IT Modernization including new, rapidly approaching deadlines for agencies focused on modernization of the Trusted Internet Connections (TIC) program.
By January 31, OMB was to contact agencies to discuss their cloud migration projects, and identify any delays caused by current TIC policy. By March 2, OMB will share a "preliminary update to the TIC policy," and launch select pilot projects to test the new TIC requirements.
The focus on TIC is important, as the existing TIC architecture was not designed to handle today’s internet traffic volume, which has skyrocketed with growing cloud services adoption and the increasingly mobile Federal workforce. Because TIC originally aimed to consolidate all network traffic to and from Federal information systems through a limited number of connections and access points, it hampers agencies’ ability to take advantage of cloud and mobile technologies, which rely on a distributed network model. It also leaves them unable to address the rapidly changing threat landscape as the traditional perimeter dissolves.
Federal users have moved off the traditional network and are connecting from everywhere – signing into email from mobile devices, logging onto the company network remotely, connecting to Wi-Fi in an airport, and more. At the same time, Federal systems and applications no longer reside neatly within the four walls of agency data centers. Some are on premises, some are in private clouds, and some are in the public cloud.
As technology and user needs have evolved, our approach to security should as well. Instead of focusing primarily on protecting the network, we need to focus on protecting the data – regardless of where it resides and travels – and the users who access it. Protecting the network to secure users and data is costly and becoming increasingly irrelevant.
As agencies look to modernize TIC, the best approach is to move the TIC to a software-defined gateway built in the cloud. By shifting the perimeter of the TIC away from the network and to the cloud – “TIC-in-the-Cloud” – agencies will have the elasticity to scale and meet changing needs. DHS, GSA and OMB also need to consider how the internet and cloud have matured. Through the use of encrypted tunneling such as IPsec and other secure cloud technologies, agencies can route traffic securely between FedRAMP-approved providers, “bypassing the TIC,” which will improve performance without sacrificing control or security.
By moving TIC security controls and other advanced security services to a cloud platform, Federal leaders gain better protection, visibility, and control of agencies' user traffic to the internet. Traffic can also be routed locally and securely to the internet over broadband and cellular connections.
A modern TIC infrastructure means improved user experience and security, reduced costs, and more. As internet traffic continues to grow, industry and government must take steps today to provide secure connections – balanced with the performance users want and need to get their jobs done.
Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Informa.