Digital Workspace

The Long-Term Implications of Remotely Accessing Classified Data

User training and network planning are key considerations for a new way of performing classified work.

Marty Spain is CDW•G's Director of Federal Services & Solutions, and leads a team of energetic problem solvers and creative thinkers to support some of the most complex national security systems.

For about a year, the Army has been piloting a solution at Fort Gordon, Georgia, to enable users to access classified data remotely.

The solution allows users to access classified and unclassified networks from the same device and also includes a wireless capability that enables users to access classified networks from different parts of the post.

That has proved especially useful during the coronavirus pandemic, enabling the Army to maintain social distancing while keeping users productive. However, the solution can be used in any setting where there is an internet connection.

There are only several hundred users actively testing the solution right now, but the Army plans to expand the pilot, as other agencies are interested in the technology. In the long term, as this kind of solution gets rolled out at other federal agencies, IT leaders need think through the implications of the new setup.

Users who have grown accustomed over the years to accessing classified information in specific ways will need additional training and education on how the new solution works. Agencies will also need to invest in the appropriate amount of bandwidth to handle their most network-intensive use cases.

It would also be wise for agencies to procure more up-to-date network equipment to ensure they remain approved for the long term under the National Security Agency’s Commercial Solutions for Classified Program.

User Training Is Needed for a New Classified Setup

Agencies that want to pursue this new solution will need to take into account that there are distinct differences compared with how users have normally accessed classified information.

The setup for users is slightly more complicated than working on a traditional desktop computer in an office. Users will need to go through several login prompts and have their laptops plugged in to a specific Wi-Fi-enabled device with a firewall with customized security software. Therefore, login attempts will be rejected if users try logging in from other Wi-Fi networks.

Users who are operating stateside will also notice that they have many fewer devices on their desks, since they don’t need a separate laptop or desktop to access classified information. That’s one of the clear benefits of the solution, but users will need to be trained on how to toggle between different network and device environments depending on the information they are trying to access.

As the solution becomes more mature, agencies will be able to have more formalized training with users. There is a growing interest in the solution, and the Air Force is considering it to support classified communications with a foreign partner.

Long-Term Effects of Classified Remote Work Environments

As the solution evolves and more agencies deploy it, there are some key considerations IT leaders should bear in mind.

One of them is that they need to think about how users will interact with the solution. For example, if there are engineers who want to use computer-aided design technology to access classified blueprints or models, that will require more bandwidth and back-end network infrastructure than needed for users who are simply checking email.

Agencies should engineer the solution to support the most robust use case they can envision for their network and have those conversations before deploying the solution. That includes discussing bandwidth at where the data is being hosted and where users are located if they are not using Wi-Fi.

Another consideration is the location of the user. The farther away the user is from the physical infrastructure, the more latency will become a factor. The only way to decrease the latency is to increase the bandwidth, so IT leaders will need to define the expected user experience. There is no one-size-fits-all solution, and the network bandwidth should be tailored to the agency’s needs.

Finally, the NSA has an approved products list, which vendors such as CDW•G need to operate in when constructing this kind of a solution. The list gets updated a few times a year. Sometimes, agencies may purchase networking or security products because they are less expensive. However, that is typically because they are older-generation products, and there is a risk that the NSA could drop them from the approved list.

That would force the agency to scramble to buy new products, as there is typically only a six-month grace period. The more prudent course of action is to plan ahead and try to future-proof the network and IT infrastructure supporting this solution as much as possible. Doing that due diligence ahead of time will likely pay dividends down the road.

The solution is new, which comes with its own set of challenges. Still, it provides agencies with tremendous flexibility in giving users secure access to classified information in remote environments. That is something worth exploring, even if it requires some adjustment.

This article is part of FedTech’s CapITal blog series. Please join the discussion on Twitter by using the #FedIT hashtag.