CISA to release emergency TIC guidance for telework surge

The guidance will expire at the end of the year and will address capabilities such as email, networking, DNS, intrusion detection and data protection.


The Cybersecurity and Infrastructure Security Agency is preparing to release an update to its Trusted Internet Connection program that will focus on the recent surge in telework among federal employees, FCW has confirmed.

According to multiple sources, including a CISA official, the emergency interim update could be released as early as this week. Another source outside of government said the guidance will be temporary and is set to expire at the end of the year. It will not be part of the TIC 3.0 document set and will not support any use cases for the program. According to those who have seen the draft, the guidance is technical and will address capabilities such as email, networking, DNS, intrusion detection, data protection and other issues.

Late last year, CISA released five new draft documents designed to offer a "less prescriptive, more descriptive" approach to the TIC program, which has historically struggled to adapt in tandem with the government's expanding use of cloud computing. The latest iteration, TIC 3.0, was specifically designed to address the reality of more federal employees working remotely or connecting to off-premise cloud environments. Those documents are expected to be finalized this spring.

The 3.0 guidance diverges from previous iterations of the program by emphasizing a distributed architecture rather than securing a single federal network.

An industry source who has reviewed the new guidance told FCW it is designed to augment, not substantially alter, that approach. Rather than wait for use cases or feedback from bodies like the CIO Council, CISA wanted to put out guidance now that would address the explosion of remote connections taking place during the COVID-19 crisis.

According to this source, users will still have to connect through TIC or a TIC-like service, such as use cases created through the program, and cloud service providers must still be able to route telemetry data to EINSTEIN and meet certain NIST requirements.

"If you look at the current TIC 3.0…they have taken the telework component out of that and basically put it on an accelerator," the source said.

The use of personal devices like mobile phones or computers to conduct government work is also likely to see an increase. In March, the National Institute for Standards and Technology released a draft update to its federal guidance on mobile security that covers topics like data synchronization between personal and work devices, the use of biometric authentication measures like facial recognition or fingerprint scanners and how system administrators can remotely wipe enterprise data and applications from personal mobile phones.

Federal News Network first reported on the pending TIC update.