Governance Briefing — CISA releases TIC 3.0 interim telework guidance

Executive briefing: CISA published Trusted Internet Connections (TIC) 3.0 interim telework guidance on 12 March 2020 to support rapid remote-work expansion during COVID-19. The document provides security objectives and reference architectures for split-tunnel VPNs, cloud access security brokers, and secure web gateways.

What changed

• Federal agencies received interim TIC 3.0 guidance tailored for large-scale telework, supplementing earlier baseline objectives.
• CISA detailed visibility and policy enforcement requirements for VPN concentrators, remote desktops, and cloud access services.
• The guidance emphasizes leveraging EINSTEIN, CDM, and CASB tooling to preserve telemetry when traffic bypasses traditional TIC access points.

Why it matters

• Agencies can scale remote access without sacrificing mandated cybersecurity controls and logging.
• Supports faster onboarding to cloud and collaboration platforms while meeting OMB telework directives.
• Offers a blueprint state and local governments and critical infrastructure operators can adapt for pandemic-driven remote work.

Action items for operators

• Map existing remote access architectures to TIC 3.0 security capabilities and ensure telemetry feeds remain active when split tunneling is enabled.
• Coordinate with SOC teams to integrate CASB, DNS security, and endpoint detection data for remote sessions.
• Update telework policies to reflect CISA recommendations on authentication assurance, device posture checks, and privileged access pathways.