Today, the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released interim Trusted Internet Connections (TIC) guidance to aid agencies in securing their network and cloud environments. This guidance supports the current surge in teleworking and use of collaboration tools amongst the federal workforce. The TIC 3.0 Interim Telework Guidance focuses on remote federal employees connecting to private agency networks and cloud environments in a secure manner.
Connections to the public internet continue to route through the National Cybersecurity Protection System (NCPS) EINSTEIN.
The guidance is interim and being issued in light of temporary changes to the posture of the federal workforce. CISA encourages vendors to map cybersecurity capabilities inherent in their services to this interim guidance. CISA will not validate or attest to the strength of vendor capability mappings, and agencies should continue to assess vendors through their standard due diligence and risk management processes.
While this guidance is short-term and will be phased out, CISA will integrate certain features of this guidance and lessons learned into the TIC 3.0 Remote User Use Case as they continue to be developed.