As more federal agencies adopt cloud-based applications, increased traffic to and from the Internet is getting stuck in government’s secure network pipes. The Homeland Security Department now is updating the Trusted Internet Connection (TIC) policies to support and encourage cloud adoption.
Developed in 2007, the original TIC program sought to limit the number of government connections to the Internet to no more than 50 and route the traffic through secure gateways that DHS monitors to detect and prevent intruders under its National Cybersecurity Protection System (NCPS) using a three-sensor group known as Einstein, according to the IT Modernization Report issued in December by the American Technology Council.
The report points out that the current security-based consolidation of network access points creates hurdles to adopting commercial cloud services and applications because they rely on virtual, not physical, data controls and distributed, not consolidated, network models. As a result, the modernization plan calls for agencies to move security from the network to the data-level by improving “management and authentication of devices and user access, as well as through encryption of data.”
DHS is moving out on a plan for TIC 3.0, to meet the report’s requirements with a preliminary TIC update by March 2, FCW reported Jan. 30 from its Security Innovation in the Cloud event in Washington.
Mark Bunn from DHS’s Federal Network Resilience Division spoke at the event and told attendees that DHS hopes to ameliorate “the trombone effect,” which causes the latency problems when agencies connect to data hosted off premises. To overcome the effect, agencies must triple their bandwidth, Bunn said. The problem is magnified, he said, because on average each agency now uses eight of the 228 cloud service providers now serving government, two-thirds of them for cloud-based software.
Under the modernization plan, the Office of Management and Budget also is inventorying cloud migration projects at all agencies and choosing some for 90-day pilot tests of TIC requirement changes. OMB, DHS and the General Services Administration will use the results to make rapid TIC updates, Federal News Radio reported Jan. 30.
