The final TIC 3.0 guidance released in July provided Federal agencies with increased flexibility for ensuring security in their cloud and mobile solutions as they drive forward on their modernization journeys. How are the new trust zones and zero trust working together? How is the new guidance helping agencies modernize while maintaining security?
We sat down with Bryan Rosensteel who serves as a Cyber Security Architect of Public Sector at Cisco’s Duo Security to get his take on the new and improved TIC 3.0 guidance.
MeriTalk: The final TIC 3.0 guidance released in July aims to help agencies introduce more flexibility as they continue to increase use of cloud and mobile solutions. From your view, how will TIC 3.0 support agencies as they progress in their modernization journeys, particularly in this age of maximum telework?
Rosensteel: The last time the TIC documentation and guidance was revisited was over 10 years ago. The world we were living in then was fundamentally different than today. If you think back to TIC 2.0, it was working under the assumption that most agency employees were in the building or on the corporate network accessing resources outside the network – that’s the way it was architected and designed.
We don’t live in that world anymore – and that has become abundantly clear over the last six to eight months of extreme telework. Now, more than ever, agencies need a more modern architecture that supports users, workloads, and cloud applications outside of the network. But they also still need the visibility and security architecture to support those use cases – and that’s exactly what the TIC 3.0 guidance is designed to provide.
No comments:
Post a Comment