Difference between revisions of "Trusted Internet Connection"

From MgmtWiki
Jump to: navigation, search
(Context)
(Context)
Line 5: Line 5:
 
  (2021-10) https://www.cisa.gov/sites/default/files/publications/CISA%20TIC%203.0%20Remote%20User%20Use%20Case_1.pdf</ref>
 
  (2021-10) https://www.cisa.gov/sites/default/files/publications/CISA%20TIC%203.0%20Remote%20User%20Use%20Case_1.pdf</ref>
 
* This initiative is based on trust zones and so is not directly compatible with a [[Zero Trust Architecture]]
 
* This initiative is based on trust zones and so is not directly compatible with a [[Zero Trust Architecture]]
* The TIC 3.0 Remote User Use Case (Remote User Use Case) defines how network and multi-boundary security should be applied when an agency permits remote users on their network. A remote user is an agency user that performs sanctioned business functions outside of a physical agency premises. Theremote user scenario has two distinguishing characteristics:
+
* The TIC 3.0 Remote User Use Case (Remote User Use Case) defines how network and multi-boundary security should be applied when an agency permits remote users on their network. A remote user is an agency user that performs sanctioned business functions outside of a physical agency premises. The remote user scenario has two distinguishing characteristics:
# Remote user devices are not directly connected to network infrastructure that is managed and aintained by the agency.
+
# Remote user devices are not directly connected to network infrastructure that is managed and maintained by the agency. These device are either
 +
##EMM Enterprise (agency) owned and maintained.
 +
##DCD - like BYOD which is employee owned.
 
# Remote user devices are intended for individual use (i.e., not a server)
 
# Remote user devices are intended for individual use (i.e., not a server)
  

Revision as of 14:33, 6 October 2022

Full Title

Trusted Internet Connections (TIC), originally established in 2007, is a federal cybersecurity initiative intended to enhance network and perimeter security across the Federal Government.

Context

Trusted Internet Connections 3.0 Remote User Use Case[1]

  • This initiative is based on trust zones and so is not directly compatible with a Zero Trust Architecture
  • The TIC 3.0 Remote User Use Case (Remote User Use Case) defines how network and multi-boundary security should be applied when an agency permits remote users on their network. A remote user is an agency user that performs sanctioned business functions outside of a physical agency premises. The remote user scenario has two distinguishing characteristics:
  1. Remote user devices are not directly connected to network infrastructure that is managed and maintained by the agency. These device are either
    1. EMM Enterprise (agency) owned and maintained.
    2. DCD - like BYOD which is employee owned.
  2. Remote user devices are intended for individual use (i.e., not a server)

References

  1. Cybersecurity and Infrastructure Security Agency Version 1.0 Remote User Use Case (2021-10) https://www.cisa.gov/sites/default/files/publications/CISA%20TIC%203.0%20Remote%20User%20Use%20Case_1.pdf