OMB wants trusted access plans

Culture change

The Defense Department has reduced its public Internet access points over time, said David Wennergren, DOD’s deputy chief information officer. It was a process that required DOD to change its culture and to manage change. The Trusted Internet Connections initiative “is about giving up some personal control and having to partner with someone else,” he said.

Wennergren said DOD’s consolidation experience proved the value of these five steps.

1. Get leaders at the top to talk about the initiative.

2. Establish a governance structure to measure and monitor progress.

3. Implement a single repeatable process.

4. Establish clear lines of authority that provide management direction.

5. Create consequences for not following through.

— Mary Mosquera

Agencies are under a directive to decrease the number of external Internet connections they maintain as part of an effort to keep closer watch on the traffic flowing through those connections. By April 15, they are to file details on their business models, technical capabilities and plans for consolidating those connections under the Office of Management and Budget’s Trusted Internet Connections (TIC) initiative.
 
The plans must also include agencies’ assessments of their ability to be shared-services providers of secure gateway Internet access for other agencies. By May 1, agencies must tell OMB if they need additional public Internet access points and, if so, justify the need.  

OMB will work with agencies to help them achieve the administration’s security priorities, said Karen Evans, OMB’s administrator for e-government and information technology. “We expect agencies to meet the deadlines requested as well as the target for reduction of the external access points.”

The initiative will improve the federal government’s incident response capability by enabling centralized gateway monitoring at a select group of trusted access providers, Evans said. OMB introduced the policy initiative in November as part of its Information Systems Security Line of Business initiative.

By June 30, the agency expects to reach its consolidation goal of having only 50 external Internet connections for the entire federal government — it now has more than 1,000. The success of the initiative will depend on each major department or agency having only two or three gateway connections.

To protect sensitive data from potential adversaries, the federal government cannot maintain an unlimited number of external pathways to the public Internet, said Randy Vickers, associate deputy director of the U.S. Computer Emergency Readiness Team at the Homeland Security Department. Instead, agencies must channel their connections through a reduced number of gateways. The consolidation should have no effect on employees’ ability to use the Internet, Vickers said.

Agencies must comply with TIC at the same time four other OMB information security mandates — encryption, two-factor authentication, Federal Desktop Core Configuration and Homeland Security Presidential Directive 12 — are demanding their attention.

“It’s hard to do five things at once, but there really are at least five things you have to do at once to be protected,” said David Wennergren, deputy chief information officer at the Defense Department. “You really have to do HSPD-12 and those other things in parallel and not so much in a sequential pattern because that’s going to drag it out.”

HSPD-12 is the government’s secure identity verification program, which uses computer-readable cards.

The Health and Human Services Department earlier reduced its external connections to the Internet from more than 40 to 16, said Michael Carleton, HHS’ CIO.

“It was a success because nobody knew” the consolidation had occurred, Carleton said. However, further reducing those external connections from 16 to two or three will be more difficult, he said.

HHS will use the General Services Administration’s Networx network services program to create an architecture for fewer Internet gateways. Using the Networx option, HHS expects to activate TIC connections in April 2009, Carleton said.

Vendors qualify as public Internet gateway providers under OMB’s TIC initiative. HHS could implement TIC faster under the current but expiring FTS 2001 telecommunications contract. However, the Networx program offers more capabilities, Carleton said.

HHS plans to use Networx to comply with two additional governmentwide OMB policy initiatives. The department will upgrade its backbone network to run the next-generation IP and optimize its IT infrastructure under OMB’s IT Infrastructure Line of Business. 

About the Author

Mary Mosquera is a reporter for Federal Computer Week.
