Photo: Courtesy of Forcepoint
As coronavirus cases continue to rise in the United States, the need for employees to work remotely appears likely to linger for months to come. Already, the vast majority of federal employees have been teleworking—some one week on, one week off. The fact that some agencies have been rotating workers illustrates the fact that remote work can be challenging. This is especially true in the government space, where so many people rely on access to classified networks to do their jobs.
With telework as status quo for the foreseeable future, it’s imperative for federal agencies to make sure their employees can access the networks and information they need without compromising security or compliance. The question, which this article aims to answer, is how.
Maintaining compliance
Government employees have always worked with multiple networks and classification levels, as maintaining physically separate network architectures (called network segmentation) is commonplace. At the same time, information sharing is a core part of government work, too. Thus, employees need to be able to access data from multiple separate networks. This was true even before the pandemic, and was made possible via access cross-domain solutions like Forcepoint’s Trusted Thin Client, which permit access to multiple domains from a single endpoint. Now, though, employees must also be able to simultaneously access multiple domains from home.
In order to make that happen, government agencies must be aware of relevant regulations. To start, Raise the Bar (RTB) was released by the National Cross Domain Strategy Management Office to increase the secure robustness of cross-domain solutions. Any access cross domain solution that agencies use must meet this standard.
On top of that, the National Security Agency debuted a program called Commercial Solutions for Classified, or CSfC, several years ago. This program approved use of commercial encryption technology (known as commercial off-the-shelf technology, or COTS) to protect classified information. Without it, accessing multiple domains would require multiple high-security encryption devices. Now, it can instead be done with software. In turn, government employees can access classified resources from a single mobile device or laptop.
The benefits of a thin client model
By coupling CSfC with cross domain solutions, agencies can offer employees the ability to access not just one classified environment, but multiple from their home or anywhere in the world, as the current pandemic demands. With CSfC capabilities, connecting to a single classified network can happen within weeks. Multi-level access simply requires some accreditation time. In both cases, using a cross domain access solution, such as Trusted Thin Client, makes the management of remote work both easier and more secure, while also providing the ability to scale and support other classification levels.
By allowing secure access to an agency’s data center from an agency-provided laptop, workers gain access to all authorized networks required to do their jobs, without having any data reside on their portable device. This removes fear of data compromise or loss. All data and work products are saved on the appropriate network at the agency’s data center, not on the endpoint. This model also offers a good user experience, which translates to increased productivity. Being able to use a single device for multiple domains is significantly easier. It’s impractical for every user to have multiple computers and connections.
On top of that, all IT resources can be easily managed on the agency side as well. Cross-domain solutions provide robust centralized management for multiple form factors, globally dispersed sites, and thousands of users. In turn, the reduced infrastructure, office space, power consumption, and administration can breed millions of dollars in reduced costs and overhead.
The bottom line
Many organizations across the DoD and the IC already use a trusted thin client solution to enable access to multiple domains. Now, they need to add a remote configuration, like Forcepoint offers with its RTB-certified Trusted Thin Client: Remote, that secures workers from their homes as well. Forcepoint has the widest deployed multi-level device, too, with over 160,000 users worldwide.
Once again, a thin client model has many benefits, including the fact that all of IT is still maintained at the agency’s server room. Employees can access mission critical resources from anywhere in the world with no trace of data or evidence on the laptop, which is especially important in today’s remote environment. Employees will no longer have to work one week on and one week off due to tech and access limitations either. While managing COVID-19 has many moving parts, CSfC and cross-domain solutions can help with regard to the security, compliance, and productivity of at-home workers.
