There has been much evidence in recent months that agencies are making progress in implementing the requirements of the 2010 Telework Enhancement Act. But some significant gaps still exist in ensuring secure remote access for federal workers, according to a new study.
In its annual report to Congress on the implementation of the Federal Information Security Management Act, the Office of Management and Budget noted that some agencies are moving toward two-factor authentication for remote access, versus previous methods that required only a user ID and password.
But overall, significant weaknesses remain in secure remote access options, OMB found. Given these gaps and the growing importance of telework, the Homeland Security Department will be publishing a reference guide this year outlining designs for providing secure remote access and telework options, the report states.
The Obama administration said it also plans to collect performance metrics through Cyberscope, the federal repository for gathering FISMA data, in order to better understand and manage vulnerabilities associated with remote access through telework.
"As the number of federal employees teleworking grows in fiscal 2012 and beyond, these metrics will be examined closely and revised to address the information security and privacy risks brought by the increasingly dispersed federal workforce," the report states.
Turn Off Your Auto-Reply Messages
There's an interesting conversation on GovLoop about whether it's appropriate to leave an out-of-office message in your email when you're teleworking -- as some federal workers apparrently are doing.
Telework should still mean business as usual, right?
This could be one reason why telework is such a tough sell for some federal managers. I recently wrote about how the Office of Personnel Management's Results-Only Work Environment pilot program, which allowed some 400 employees to decide where and when they want to work, was scrapped -- not because the technology was not up to par, but because of culture. Employees' goals were not set clearly enough, and communication between employees and managers also was not clear.