Trusted Internet Connection
From MgmtWiki
Full Title
Trusted Internet Connections (TIC), originally established in 2007, is a federal cybersecurity initiative intended to enhance network and perimeter security across the Federal Government.
Context
Trusted Internet Connections 3.0 Remote User Use Case[1]
- This initiative is based on trust zones and so is not directly compatible with a Zero Trust Architecture.
- The TIC 3.0 Remote User Use Case (Remote User Use Case) defines how network and multi-boundary security should be applied when an agency permits remote users on their network. A remote user is an agency user that performs sanctioned business functions outside of a physical agency premises. The remote user scenario has two distinguishing characteristics:
- Remote user devices are not directly connected to network infrastructure that is managed and maintained by the agency. These devices are either:
- EMM - Enterprise (agency) owned and maintained.
- DCD - like BYOD, which is employee owned.
- Remote user devices are intended for individual use (i.e., not a server).
Solutions
- Policy Enforcement Location (or Point, PEP): The security posture of agency user devices changes when the agency user is working outside the agency network. This may lead an agency to rethink the locations where security policies are enforced. In a traditional on-premises environment, agencies retain significant control and visibility into agency user devices, and these devices can support rigorous enforcement of agency policies. Under these conditions agencies’ risk tolerances might allow the deployment of capabilities to the agency user devices, grant the agency users more direct access to agency services, and allow the devices a greater ability to retrieve, process, and store agency data. However, as depicted in Figure 4, as this control and visibility of agency user devices decrease, agencies may look to move these capabilities further upstream from the endpoints, closer to the services or data. PEP security capabilities:
- Files,
- Web,
- Networking,
- Resiliency,
- DNS,
- Intrusion Detection,
- Enterprise,
- Unified Communications and Collaboration (UCC), and
- Data Protection.
- Universal Security Capabilities
- Backup and Recovery
- Central Log Management with Analysis
- Configuration Management
- Incident Response Plan and Incident Handling
- Inventory
- Least Privilege
- Secure Administration
- Strong Authentication
- Time Synchronization
- Vulnerability Management
- Patch Management
- Auditing and Accounting
- Resilience
- Enterprise Threat Intelligence
- Situational Awareness
- Policy Enforcement Parity
- Effective Use of Shared Services
- Integrated Desktop, Mobile, and Remote Policies
- User Awareness and Training
References
- [1] Cybersecurity and Infrastructure Security Agency Version 1.0 Remote User Use Case (2021-10) https://www.cisa.gov/sites/default/files/publications/CISA%20TIC%203.0%20Remote%20User%20Use%20Case_1.pdf