Search AFCEA Site

Enable breadcrumbs token at /includes/pageheader.html.twig

Multi-Domain Secure Systems Aid Remote Government Workers: Sponsored Content

Devices let at-home workers securely access classified data.
By Henry S. Kenyon

Intelligence community and government personnel who work with classified or sensitive information often use multiple computers on their desks, each one connected to a separate network based on the security level of the information being accessed.

This can create a variety of IT and logistical challenges for workers onsite, but as ongoing COVID-19 pandemic and other circumstances force more people to work remotely, managing all of this equipment and their security requirements from a private home can be difficult or nearly impossible without multilevel secure systems capable of doing the job of multiple desktops in a single secure station.

Although such systems have been used for years, the pressing need for staff to work securely from home opens new opportunities for cross-domain solutions because while they are useful in eliminating excess infrastructure and physical space requirements in an onsite, enterprise setting, they are ideally suited for meeting the surge in home telework created by the pandemic.

One big advantage of systems like Forcepoint’s Trusted Thin Client is that in an institutional setting, “it eliminates the need for personnel like analysts to have multiple computers linked to different secure networks on their desks. This allows workers to access different networks with varying security levels from a single endpoint device by clicking on a menu on their desktop,” says George Kamis, chief technology officer for Forcepoint Global Governments and Critical Infrastructure.

Traditionally, intelligence community or other government personnel with access to classified information cannot work from home at all. The select few that are allowed require a specialized setup. This often consists of a safe to store one or more secure laptop computers and encryption devices that allow their computers to securely connect to classified networks. This can be impractical to scale in special conditions, like working in a COVID pandemic. This also does not scale for those individuals, who might need to
access dozens of secure networks during the workday, Kamis says.

This can now be done in a more streamlined manner with a system like Forcepoint’s Trusted Thin Client: Remote, which allows remote users to securely access unclassified and classified networks using technology developed in compliance with the National Cross Domain Management Strategy Office and National Security Agency’s Commercial Solutions for Classified (CSfC) program. The technology leverages cross-domain technology and off-the-shelf virtual private network technology to make a secure network connection to a classified network, protecting any information in transit between the worker and the enterprise, Kamis says.

Besides providing secure connectivity to a variety of networks at different classification levels, he notes that it also makes use of the CSfC-developed encryption technology to secure the data while it’s in transit and at rest.

Forcepoint also leverages a virtual desktop infrastructure that allows users to access a variety of work environments, both classified and unclassified, from standard government-issued laptop computers.

“Their data, applications and operating systems all run within headquarters or their protected data centers, and all that’s being sent to the user is a redisplay or the view of those applications running remotely,” Kamis says.

When users log into their computers, they don’t really log into the Trusted Thin Client Remote; instead they indirectly log into a computer running in the customer’s data center and any programs, such as Microsoft Outlook, that they access all reside in that data center. Display data is sent to the remote user, but Kamis notes that no sensitive data ever is stored on their laptops at any time. When the user logs out of the system, no data resides on their laptop, Kamis says.

This is a great benefit for personnel working remotely who need to access information on multiple secure networks. The Trusted Thin Client: Remote eliminates the need and security headache of keeping multiple laptops in a safe or maintaining an encryption device, he adds.

A big challenge government agencies face when setting up remote workers is being able to scale up large numbers of end points and their security levels. For commercial solutions in this space, scalability and the ability to support it from a range of different products is a key requirement that Forcepoint can meet, Kamis says.

Forcepoint’s cross domain solutions are included on the US NCDSMO baseline list for TSABI, SABI, meet NSA’s Raise The Bar guidelines, and are on the CDM Approved Product List (APL)

Comments

The content of this field is kept private and will not be shown publicly.
About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
Enjoying SIGNAL?
SIGNAL Magazine is available through subscription or as part of your membership in AFCEA.
SUBSCRIBE NOW
LEARN MORE
JOIN AFCEA