In the wake of the 2019 pandemic and its long-lasting effects, most agencies have begun adapting new security standards to meet changing needs. The 2017 government action plan, The Technology Modernization Fund (TMF), aims to aid federal agencies with funding in order to accelerate the thorough completion of projects. While the TMF did not directly award grants for pandemic relief, many of its cybersecurity projects meet critical needs that were enhanced by the pandemic and working from home. Three of its major projects are centered around helping departments accelerate the transition to zero trust, the most effective security strategy. These projects focus on Zero Trust Architecture in the US Department of Education (EDU), Advancing Zero Trust with the GSA, and Zero Trust Networking with OPM.
Zero Trust Architecture
One project is the TMF’s funding of Zero Trust Architecture for the EDU. The TMF will invest $20 million into the department over a two-year span to strengthen the zero trust architecture in order to increase the security of citizen data maintained by the department.[1] This includes over a hundred-million students and borrowers that the EDU supports. The project’s goal is to improve security of data through strategy, architecture, design, and implementation roadmaps. The department will also have a catalog of services with Secure Access Service Edge (SASE) and Security Orchestration, Automation, and Response (SOAR) technologies.
Advancing Zero Trust
The TMF has awarded $29,802,431 to go toward the US General Services Administration (GSA) for advancements in zero trust.[1] As the GSA’s shared services support millions of users and hundreds of facilities, it is vital for the agency to advance their cybersecurity architecture. Through its TMF funding, the GSA intends to focus on three main areas:
- Users and Devices: The GSA aims to replace directory designs to meet new demands of telework and multi domain, hybrid cloud architecture. It will implement virtualization with security strategies, (including a single-sign-on multi-factor authentication option,) in order to:
- Increase cybersecurity identification and protection
- Add both equitable, online identity verification and in-person options for improved accessibility to vulnerable populations
- Reduce the barriers to Login.gov by expanding the website features for both current and future users.
- Networks: By leveraging SASE solution and upgrading public buildings’ security network, the GSA hopes to add micro segmentation to secure networks.
- Security Operations: The GSA intends to adopt increased machine learning and artificial intelligence driven algorithms. This would help connect diverse data sources, highlight system threats, and provide managerial oversight.
Zero Trust Networking
Finally, the TMF has allotted $9.9 million towards accelerating the adaptation of zero trust networking in the Office of Personnel Management (OPM).[1] The OPM hopes to improve cybersecurity architecture across data, identity, devices and endpoints, network and environment, and application workload areas. They aim to use the TMF funds to reduce the surface area for attacks and increase managerial visibility over networks. In doing so, they will improve the security of data and privacy protections for over two million civilian federal employees.
Increased financial assistance allows companies to implement vital security measures. In 2015, OPM experienced a security breach for their personnel systems, which led to the loss of more than 20 million personnel records.[2] In order to solidify their systems, the OPM conducted research on zero trust before ever receiving funding. As a result of the TMF’s aid, the OPM can now implement this latest security architecture faster than anticipated. OPM has created five different teams to execute this: architecture engineering, cloud operations, service management, service automation, and migration.[3]
Government Services for the People
TMF is vital to accelerating and improving agency projects. With the extra funding, organizations can afford better oversight measures, such as non-company experts. The variety of security measures, such as managerial oversight, smaller attack surface areas, micro segmentation, and identity verification, that TMF aids are all vital to the changing work landscape. Even features such as expanding website attributes will enhance public connection to government agencies in a post-COVID-19 landscape. With this increased connection, the federal government can better achieve its goal of being for and by the people.
View Adobe’s Experience Cloud Demo page for more insights on Technology Modernization Fund and cybersecurity. Need assistance? Check out Carahsoft’s Microsoft support portal for support on cloud architecture and other Microsoft solutions.
[1] “Investments: Advancing Zero Trust” The Technology Modernization Fund. https://tmf.cio.gov/projects/#advancing-zero-trust
[2] “The Awards Focus on Zero Trust and Include a Major Investment in the Login.gov Federal Digital Identity Solution,” FCW. https://fcw.com/security/2021/09/7-new-tmf-awards-include-one-classified-project/259192/
[3] “Technology Modernization Fund support awarded to 7 new agency IT projects,” FedScoop. https://www.fedscoop.com/opm-speeding-zero-trust-tmf/
