User Training Is Needed for a New Classified Setup
Agencies that want to pursue this new solution will need to take into account that there are distinct differences compared with how users have normally accessed classified information.
The setup for users is slightly more complicated than working on a traditional desktop computer in an office. Users will need to go through several login prompts and have their laptops plugged in to a specific Wi-Fi-enabled device with a firewall with customized security software. Therefore, login attempts will be rejected if users try logging in from other Wi-Fi networks.
Additionally, users will need to be educated on how the network functions for this setup. For example, some Army users in Kuwait found the network a little sluggish, but that is because they were trying to access information that was located in the U.S. So, IT leaders will need to manage user expectations on network latency, especially if their local network environment has a great deal of traffic on it already.
Users who are operating stateside will also notice that they have many fewer devices on their desks, since they don’t need a separate laptop or desktop to access classified information. That’s one of the clear benefits of the solution, but users will need to be trained on how to toggle between different network and device environments depending on the information they are trying to access.
As the solution becomes more mature, agencies will be able to have more formalized training with users. There is a growing interest in the solution, and the Air Force is considering it to support classified communications with a foreign partner.
Long-Term Effects of Classified Remote Work Environments
As the solution evolves and more agencies deploy it, there are some key considerations IT leaders should bear in mind.
One of them is that they need to think about how users will interact with the solution. For example, if there are engineers who want to use computer-aided design technology to access classified blueprints or models, that will require more bandwidth and back-end network infrastructure than needed for users who are simply checking email.
Agencies should engineer the solution to support the most robust use case they can envision for their network and have those conversations before deploying the solution. That includes discussing bandwidth at where the data is being hosted and where users are located if they are not using Wi-Fi.
Another consideration is the location of the user. The farther away the user is from the physical infrastructure, the more latency will become a factor. The only way to decrease the latency is to increase the bandwidth, so IT leaders will need define the expected user experience. There is no one-size-fits-all solution, and the network bandwidth should be tailored to the agency’s needs.
Finally, the NSA has an approved products list, which vendors such as CDW need to operate in when constructing this kind of a solution. The list gets updated a few times a year. Sometimes, agencies may purchase networking or security products because they are less expensive. However, that is typically because they are older-generation products, and there is a risk that the NSA could drop them from the approved list.
That would force the agency to scramble to buy new products, as there is typically only a six-month grace period. The more prudent course of action is to plan ahead and try to future-proof the network and IT infrastructure supporting this solution as much as possible. Doing that due diligence ahead of time will likely pay dividends down the road.
The solution is new, which comes with its own set of challenges. Still, it provides agencies with tremendous flexibility in giving users secure access to classified information in remote environments. That is something worth exploring, even if it requires some adjustment.