COTS Has Become a Practical IT Solution
The NSA, like other government agencies setting the tone for their colleagues, is promoting agility and faster deployment of new solutions. Its CSfC program certifies commercial network solutions that agencies can use to create secure, encrypted networks that protect classified National Security Systems (NSS) data.
This makes a COTS purchase more palatable for the IC because those products and solutions have been vetted to ensure their security in a classified setting.
Today, that peace of mind is even more critical. With the dual pressure of the White House mandate to create zero-trust environments by 2024 and the threat of cyberattacks from Russian-affiliated hackers, all federal agencies are looking to button down their networks. Add the sudden and necessary rush to telework in early 2020 — a practice unheard of in the IC — and tight security in the classified world is even more essential.
As telework has become part of the federal work routine, intelligence agencies are looking to maintain practices that they established on an emergency basis.
It looks as though telework wasn’t the open backdoor for malicious actors that many had feared, but it has put a strain on agencies to maintain a strong security posture and still get day-to-day work done. Third-party vendors, CDW•G among them, are developing new solutions to support the IC in those efforts.
Teamwork Is Essential in Upgrading Classified Technology
At CDW•G, we’re putting together an enterprise cross-domain access solution that has zero trust baked in. It allows a user to access from anywhere the various networks needed from one device, rather than requiring a classified device for the classified network and an unclassified one for the open network.
In this situation, the agency provides an approved solution framework, and we’ll look for the COTS products and solutions to create a flexible, nonproprietary environment that satisfies all of the agency’s security requirements. It’s a cost-effective way of working that we deliver by putting best-of-breed solutions together to deliver a seamless user experience.
Having staffers experienced working in IC environments allows us to be an effective partner. The last thing a customer wants to deal with is a company that doesn’t understand the intricacies of what it takes to work hand in hand.
A lot of that understanding comes from hiring people with the necessary security clearance levels — and the commensurate understanding of how the customer operates. We develop people who have both the technological skills and the clearances necessary to understand the mission.