Federal CyberBytes Issue Brief #3: Gerald Caron/Peter Romness
Securing Remote Government Workers
As much of the government shifted to remote work during the pandemic, securing that workforce has become more important than ever. And crucial to that process is the implementation of the network architecture of Secure Access Service Edge (SASE) and the latest iteration of the Trusted Internet Connections (TIC) initiative, 3.0. On Billington’s Federal CyberBytes podcast, we talked about SASE and TIC 3.0 with Gerald Caron, Director of Enterprise Network Management, U.S. State Department, and Peter Romness, Cybersecurity Principal, Public Sector CTO Office, Cisco Sustainment, DOD.
Gerry sees the greatest challenge in securing the State Department remote workforce is understanding how radically the risk surface has changed.
“We’re used to that culture of protecting the on-prem network and having this moat-and-castle kind of perimeter and the soft, gooey center. Now we have people, especially during the pandemic, remotely teleworking through different means, either with BYOD devices, government-owned, managed devices, many other ways. So understanding those things – how to secure, how things are managed, where your data is, where your data is going – better is definitely a key to being able to protect in this new normal going forward.”
Gerry is excited about how the latest TIC update has smoothed this process.
“TIC 3.0 is a godsend for us because it allows so much more flexibility than we were used to with TIC 2.0. My example would be at the State Department, we’re in every country across the world. We’re very geographically dispersed. With 2.0, I have to backhaul all internet-bound traffic all the way back to DC just to go out through one of two of my TICs. But there’s just so much more flexibility that TIC 3.0 allows us that I think we can meet the telework ambition needs now as we do a more telework environment.”
Gerry’s advice for those who want to take full advantage of TIC 3.0 is simple: do your homework.
“We want to make sure that we have all that security in place,” he says. “So it is very important that if people are doing or want to take advantage of TIC 3.0, that they read all those volumes in order to get a good understanding of what it is that they can and can’t do, and what it is that they need to accomplish that still remains secure.“
Peter likewise praised TIC 3.0, both for its flexibility for the environment – “You need to have the flexibility to have traffic come back to your data center when it needs to go to one of those apps, and it needs to have the flexibility that if you have a remote worker, that you can go directly to your Office 365” – and for the savings on things like transmission costs. “You don’t want your data coming across the country to your data center, and then back across the country to a cloud application when it could go directly. So that’s saving money. It’s also saving on time and user experience for your customers.”
Peter also explained the advantages of SASE for Cisco’s government customers. “SASE, as you know, is Secure Access Service Edge. That means that you’re putting the security at the point where your users are leaving your environment or their environment and going to the cloud. And so the benefit is that you can go directly to the cloud, you don’t have to go back to something. I see two main enablers to TIC 3.0, SD Wan is what enables the background of TIC 3.0; it allows you to manage your environment. And then SASE is the ability to apply security so that your users can go directly outbound instead of coming back to headquarters. ”
As for why Cisco’s government customers see such promise in SASE and SD Wan, Peter’s answer was simple: “It’s a great opportunity to get all the flexibility and cost savings that both Gerry and I talked about today.”
We would like to thank Cisco for sponsoring this episode.