The Office of Personnel Management has set up policies and instructed several agencies to collaborate on security policies around teleworking.
(click image for larger view)
Slideshow: Obama's Tech Tools
The Office of Management and Budget (OMB) must confer with the Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST) to determine security practices around a federal telework policy, according to new teleworking guidelines the Office of Personnel Management (OPM) issued this week.
The 41-page document released by the OPM offers practical information and sets up policies that federal agencies and their telework managing officers should use for remote workers.
A practice in place for some time, the ability for federal employees to telework became official in December, when President Obama signed the Telework Enhancement Act of 2010 into law. As part of the law, federal agencies are required to assign managers specifically to oversee teleworking, and the guidelines are aimed at helping them manage remote workers.
The OMB now has until June 7 to work with the DHS and NIST to issue guidelines for ensuring the security of IT systems used by teleworkers, according to the OPM.
The OMB also must issue policy guidance requiring that each federal agency purchase computers that enable and support telework whenever they buy new systems. The only exception is if the head of the agency deems that there is a "mission-specific reason" to not do so, according to the OPM.
As another resource for agencies, the OPM will maintain a central telework website that includes telework links, announcements, and other guidance developed by OPM or submitted by the Federal Emergency Management Agency and General Services Administration, which traditionally have supported teleworkers alongside the OPM.
Even as agencies will oversee broad security for teleworkers, the OPM's guidelines require that employees themselves also must take responsibility for the security of the data and other information they work with.
The guidelines require that employees must be familiar with and understand their agency's IT security policies as well as participate in security training.
In addition to following security protocols for connecting remotely to federal networks, teleworking employees also must maintain the security of any files, correspondence, and equipment they use while teleworking. This may require additional security to be installed in a home office if the employee handles data of a particularly sensitive nature, according to the OPM.
Teleworking is already on the rise and likely to become more prevalent under the new law. In a Status of Telework report the OPM released to Congress in February, the agency said that the number of federal employees who telework increased 11,046 between 2008 to 2009, with 14,000--or 10.4% of eligible federal employees--now teleworking.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.