April 2017 Digital Edition
March 2017 Digital Edition
Feb. 2017 Digital Edition
January 2017 Digital Edition
Nov/Dec 2016 Digital Edition
Oct 2016 Digital Edition
Be secure out there, OMB advises federal telecommuters
Lew: calls for safe
Guidelines for federal workers whose jobs include telecommuting have been issued by the U.S. Office of Management and the Budget (OMB) with the proviso that "each agency must ensure that adequate information and security protections for information and information systems are used while teleworking."
The guidelines, issued in a memo dated July 15, implement a law passed in December 2010 designed to improve telework across the federal government.
"Telework provides multiple benefits for the federal government, including resource savings, improved sustainability, employee recruitment and retention, as well as supporting the continuity of operations," OMB Director Jacob J. Lew wrote in the memo.
He noted that with the passage of the Telework Enhancement Act, more federal workers will soon begin to work from home or at shared government spaces to improve productivity, reduce the overhead costs and real estate footprint of the federal government, and continue to deliver timely services to the public.
"Telework leverages innovative technologies to allow federal employees to work from any location to improve productivity, assure continuity of operations and respond to the changing needs of the workforce," he said.
Among the technologies being tested by federal agencies, he noted, are effective telework models found in the private sector, such as "hoteling" stations. Those stations provide laptop connections and can double or triple the number of workers in a work space. "[T]his maximizes space, reduces costs, and should be applied government-wide whenever possible," he recommended,
It's been estimated that IBM saves $50 million in real estate costs through telework.
Telework also provides federal employees the ability to continue working during inclement weather, emergencies or situations that may disrupt normal operations, he added.
"However," he cautioned, "telework is only as effective as the technologies used to support it, which is why it is critical for agencies to take immediate action to ensure that their employees are properly equipped. If not properly implemented, telework may introduce new information security vulnerabilities into agency systems and networks."
To prevent security incidents, he continued, agencies are responsible under the Federal Information Security Management Act (FISMA) to provide protection for information and information systems commensurate with risk. Agencies must continue to follow OMB policies, National Institute of Standards and Technology (NIST) standards and guidelines, and Department of Homeland Security (DHS) security reporting requirements.
Agencies are expected to implement security telework policies to best suit their unique needs, he wrote. At a minimum, agency policies must comply with FISMA requirements and address the following:
- Controlling access to agency information and information systems;
- Protecting agency information (including personally identifiable information) and information systems;
- Limiting the introduction of vulnerabilities;
- Protecting information systems not under the control of the agency that are used for teleworking;
- Safeguarding wireless and other telecommunications capabilities that are used for teleworking; and
- Preventing inappropriate use of official time or resources that violates the standards for ethical conduct for Executive Branch employees by viewing, downloading, or exchanging pornography, including child pornography.