CISA has released v3.0 of their latest remote worker security best practices — which are helpful in formulating policies, procedures, and standards.

CISA Releases Guidance: TIC 3.0 Remote User Use Case | CISA

TIC 3.0 Core Guidance Documents | CISA

CISA has released Trusted Internet Connections 3.0 Remote User Use Case. The Remote User Use Case provides federal agencies with guidance on applying network and multi-boundary security for agencies that permit remote users on their networks. In accordance with OMB Memorandum M-19-26, this use case builds off TIC 3.0 Interim Telework Guidance originally released in Spring 2020.

The TIC 3.0 Remote User Use Case considers additional security patterns agencies may face with remote users and includes four new security capabilities:

    • User Awareness and Training,
    • Domain Name Monitoring,
    • Application Container, and
    • Remote Desktop Access.

In conjunction with the Remote User Use Case, CISA has also released Response to Comments on TIC 3.0 Remote User Use Case and the Pilot Process Handbook. These additional documents provide feedback on the Remote User Use Case and describes the process by which agencies should conduct TIC 3.0 pilots.