At the Environmental Protection Agency, 2022 has been a year spent on the IT learning curve. With major network upgrades on the horizon, EPA’s first step was moving to a vendor that could support its gradual modernization strategy. Although the agency originally planned to have the transition completed by spring 2022, the EPA is still working on smoothing out the wrinkles.
Rather than forging ahead and risking interruptions in service, the EPA wanted to pace itself. So far, they are staying with their Multiprotocol Label Switching (MPLS) network as they adjust to working with new technologies.
“We’re doing operations, steady state operations, keeping everything moving. Once we’ve gotten over that transition hump, then we’ll start to look at modernization,” said David Updike, director of EPA’s Office of Information Technology Operations, on Federal Monthly Insights – Infrastructure Evolution.
Updike said the EPA needs to remain with its MPLS network through the transition process to make sure there are as few interruptions to day-to-day operations and service delivery as possible.
Next on the horizon, however, will be a major network switch as the agency looks for better integration and more accurate controls. Updike said the agency operates a series of smaller sites in addition its larger ones, and upgrading their network should streamline their service delivery.
“We’ll be looking at 5G and software-defined wide area networking to improve our efficiency and resiliency and overall service delivery,” Updike said.
The agency already has cloud services in place, but the network upgrades should allow for a smoother user experience.
“We have multi-cloud integrations right now. We’ve already gotten ourselves to a place where we can deal with most of our major cloud services without a virtual private network,” Updike said.
While the move to 5G will help overall with the data storage and delivery at the EPA, the network installation upgrades will mean lots of the devices in use at the agency will be obsolete. Updike said the agency has 15,000 laptop computers that are not 5G compatible.
“If 5G is there and if 5G has the right capacities, great. But for the near term, I think, in the next three years or so, I don’t see us moving away from the standard wired infrastructure within our facility,” Updike said.
As the EPA goes through the process of modernizing its network, a big part of the puzzle will be building resilient security systems. The EPA will be implementing the requirements under the Trusted Internet Connection 3.0 standards. This version expands on the original TIC initiative by consolidating network connections and enhancing visibility and security measures throughout the federal network as agencies upgrade their technologies. Updike said EPA continues to focus its security priorities on the end-user experience. Aside from outside users, 50% of EPA employees now work remotely. That means the agency relies heavily on multifactor identification.
“At the beginning of this year, we drove all of our external applications to login.gov for identity services, and drove those applications into our integrated identity access management. Now, this year, we’re basically marching through and doing that internally,” Updike said.
He added that as the zero trust network access framework matures, it should lend flexibility to the end-user experience and give people more options for using the network.
“Access will become somewhat ubiquitous, you will not need to be anywhere, any place specifically. So there’s a lot more freedom that comes with [zero trust architecture]. Anywhere, any place, potentially any device,” Updike said.