“The Department of Homeland Security’s top cyber official told Congress that changes to two IT security programs will help reconcile the government’s desire to modernize in the cloud and accommodate remote employees while still shoring up protections for federal networks and systems.”
“The Trusted Internet Connection program was launched in 2007 to reduce the federal government’s attack surface by cutting internet access points. That initiative pre-dated the “cloud-first” policy launched in 2010, and the two programs have struggled to sync up ever since.”
“Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, acknowledged that the goal of reducing access points fit the old-school, IT-ownership model that cloud is replacing.”
“In the traditional or historic on-premise environment of having a server room or having a data center where you know where the equipment is and you can sit on the pipes and focus them down, TIC was important,” Krebs told the House Appropriations Committee in a March 13 hearing. “Going forward — particularly as we shift through IT modernization to cloud, because cloud is efficient, its scalable, it’s flexible to meet modern workforce demands — TIC won’t work.” Read the full article here.
Source: Why TIC and cloud don’t mix – By Derek B. Johnson, March 13, 2019. FCW.Tags: Cloud DHS XTRA