Is it time to rethink the TIC?
For nearly a decade, Trusted Internet Connections have centralized and secured the gateways through which agencies can connect to the public internet. What sufficed for sending email and visiting websites, however, is increasingly problematic as agencies move to adopt cloud services -- so the federal CIO's office is working to reinvent the TIC.
"We have challenges with the TIC architecture, because a lot of us are operating in hybrid environments," acting federal CIO Margie Graves said at BMC's June 7 event on digital enterprise management. She recalled an example from her time at the Department of Homeland Security, where a modernization effort involved moving systems into the Amazon Web Services cloud. To make the migration work, Graves said, it "required that we place a server at AWS to run our TIC architecture -- and then we found that we had latency issues associated with that."
Graves said her office and others are working closely with the Office of American Innovation on a wide range of IT-related reforms -- including possible new hiring authorities and ways to streamline the Authorization to Operate process -- and are in the midst of a 90-day sprint. An overarching goal, she said, is to "modify those things that no longer work or are sending people in the wrong direction. And one of the first things we’re tackling is our TIC policy. You’ll see something different coming out ... in how we might deliver TICs in a different kind of way."
Encryption is "not a panacea," Graves said, but agencies need to start thinking about security at the data layer, rather than perimeter defense and network-based security. "A stateless architecture," she said, is "the only way we're going to be able to fully adopt cloud services, and mobility, and Internet of Things, and all the technologies that are out there."
Graves also stressed to feds in the audience that "the alternative architectures that we’re exploring for delivering the TIC capabilities do not negate the necessity to maintain your cyber posture." Understanding the level at which an agency's data must be protected, making that data auditable, and the various TIC protections "are all important things," she said. "But they don’t necessarily have to be done with the architectures we have today."
Troy K. Schneider is editor-in-chief of FCW and GCN.
Prior to joining 1105 Media in 2012, Schneider was the New America Foundation’s Director of Media & Technology, and before that was Managing Director for Electronic Publishing at the Atlantic Media Company. The founding editor of NationalJournal.com, Schneider also helped launch the political site PoliticsNow.com in the mid-1990s, and worked on the earliest online efforts of the Los Angeles Times and Newsday. He began his career in print journalism, and has written for a wide range of publications, including The New York Times, WashingtonPost.com, Slate, Politico, National Journal, Governing, and many of the other titles listed above.
Schneider is a graduate of Indiana University, where his emphases were journalism, business and religious studies.
Click here for previous articles by Schneider, or connect with him on Twitter: @troyschneider.