IDC Government Insights Community –
On April 28, 2011 Jacob Lew released an OMB memorandum
While this OMB memorandum grants agencies broad discretion in formulating telework purchasing policies to best suit their needs, agencies must at a minimum:
- Select and acquire information technology that is technology and vendor neutral and best fits the needs of the Federal Government
- Determine allowable IT products and services, including remote access servers, client devices, and internal resources accessible through remote access
- Prioritize use of government-wide and agency-wide contracts for new acquisitions and renewal of services to leverage the government's buying power
- Deploy new and modernize existing agency IT systems and infrastructure to support agency teleworking requirements
- Ensure that all devices and infrastructure comply with federal security and privacy requirements
- Ensure protection of sensitive information by properly disposing of devices no longer in use
Workforce mobility and citizens’ needs for readily accessible information create an inherent conflict with security, and devices and solutions that securely improve information mobility need to take center stage. Government networks must be protected with comprehensive solutions that control access into networks, ensure user identity, prohibit data leaks, reduce spam, prevent virus outbreaks, scrub traffic for unwanted usage to protect employee and citizen information, and provide secure access to government programs.
Although these facts have been well known for years, we will see yet another memorandum, again from OMB, on June 7, 2011. This forthcoming memo will provide guidelines to ensure the adequacy of information and security protections for information and information systems used while teleworking. It's about time. In this current environment of needing to lead by example, versus by email or memorandum, congratulations to the agencies that have successfully deployed telework. As cited in GCN last week Better government through telework: Agencies count the advantages, in addition to the real estate savings, agencies such as CDC are expanding their practices of providing encrypted laptops not only to teleworkers, but are also replacing traditional desktops with PCs. Good plan, as this allows this agency flexibility for quickly setting up additional future teleworkers by leveraging such equipment.
It's time to seriously deploy telework policies and procedures that are uniformly implemented and enforced across government. The lack of consistent policies and effective security measures are significant barriers to governmentwide telework. Governments also need to examine processes, tools, and organizational behaviors as they prepare for security breaches and attacks. Holistic approaches to information security include protection of devices, infrastructure, and applications, and policies and practices for workers. Successful government telework requires strong leadership, sustained management commitment and effort, disciplined processes, consistent oversight, and apparently, another memorandum.