Telework Exchange

Going mobile and integrating telework into agency technology infrastructures is more complicated than sending an employee out with a laptop equipped with anti-virus software and a broadband connection. It takes planning, policy, and technology considerations as covered by expert panelists at the Telework Exchange Town Hall Meeting sessions focused on remote workforce technology.

Staying Connected

In the opening session, "Business Continuity – Testing Your Telework and IT Infrastructure," the speakers discussed the barriers to and benefits of integrating telework with agency business continuity plans.

Echoing the comments of the keynote speaker and Office of Personnel Management Director John Berry, session moderator Pamela Budda, Department of Defense Policy Program Manager and Telework Coordinator for Work/Life Programs in the Civilian Personnel Management Service Policy Strategy Support Cell, noted that telework effectively changes the conversation around business continuity. "It allows us to move from the idea of, 'Okay what's the minimum that we can do at a time of emergency?' to 'What is the maximum that we can do?'" she explained.

Although planning, evaluation, testing, and periodic rehearsal exercises are critical to an effective continuity of operations (COOP) plan, "the routine practice of telework, basically embedding the use of telework in mainstream operations, will ensure that there is a smooth transition when a crisis occurs," she said.

Josh Sawislak, Senior Advisor to the Administrator and Acting Chief of the Office of Emergency Response and Recovery at the General Services Administration (GSA), noted a major barrier to telework continues to involve getting agencies out of a 1950s "Cold War" mentality about government continuity and moving their thinking into the 21st century, when threats like terrorism and pandemic flu often come with little or no warning.

"Forget COOP – we are talking about continuity in a larger sense and resilience," he stated. "How do we continue to do what we do in an incident? By changing the thinking about how we get ready."

Telework is critical, Sawislak said, but to get agencies to adopt the work arrangement, they have to move from managing by attendance to managing by outcome and productivity. "This is how you prove the return on investment (ROI) of telework," he said.

The Federal Emergency Management Agency (FEMA) is pushing agencies hard to integrate telework as part of a detailed, robust, all-hazards plan, said Eric Kretz, Deputy Division Director of FEMA's National COOP Division, noting that the agency was getting ready to conduct a telework exercise involving 25 percent of its workforce called "Determine Century." FEMA offers comprehensive testing, training, exercise tools, and consultation to help agencies with their efforts to combine telework and COOP plans. The Department of Homeland Security also provides government organizations with a continuity exercise template that can be used as a baseline for preparations.

David Rubal, Unified Communications Manager for Cisco Federal, agreed that telework has to be a practiced, normal part of everyday operations, but added that "technology must be transformed to the point where if adaptation needs to occur, your phone and network infrastructure reconfigures to adapt to the current situation," which means embracing virtualization, mobile technologies, and rich media, like voice, video, Web collaboration, and building intelligence into the network.

Establishing the IT infrastructure for an unexpected disaster calls for rigorous testing of the network and processes during COOP planning, several panelists emphasized. "Don’t ever worry about failing during an exercise," said Joseph Ganci, Director of Audit Operations and COOP Coordinator for the Office of the Inspector General at the Department of Labor.

"The purpose of exercises is to break the system," echoed Sawislak. "If you don't do this, you're wasting your time."

Moving On

Panelists in the session titled "Always on the Move – IT Best Practices in Government Mobility" offered recommended technologies and processes to improve the productivity, convenience, and connectivity for mobile workers.

Theresa Noll, Senior Telework Program Analyst for the Office of Governmentwide Policy at GSA opened the discussion by explaining that her office relies on guidance from the National Institute of Standards and Technology (NIST) for enterprise telework considerations, including remote access and mobility best practices.

She encouraged attendees to visit www.nist.gov for its "excellent roadmap for deploying remote access for telework," Noll stated.

As a member of GSA's Alternative Workplace Arrangements team, Noll explained that she focuses on providing teleworkers with convenient access to data and network resources without introducing operational security threats.

For example, GSA allows tiered levels of remote access, based on the employee's job requirements and which networks they must access remotely. Employees can access a host of resources if they have a government-furnished laptop with current technology and robust security capabilities, Noll explained. However, those using personal PCs or mobile devices only can access a few lower-risk resources, such as Web-based e-mail.

Noll said that GSA's policy also allows employees to use what is often called an "aircard," offered by wireless telecommunications providers to enable wide area wireless Internet access.

"The aircard gives me broadband access anywhere I may be traveling on business," she explained, and she added it allows for virtual private network (VPN) connection for stronger user authentication.

By policy, GSA adheres to several best practices to ensure effective and secure remote work arrangements, including:

• Annual employee security and privacy training
• The use of government-furnished and employee-owned computers to increase the number of regular and occasional teleworkers and to better enable workers on travel to stay connected and continue to be productive
• Reimbursement for employee mobile expenses, such as broadband access

Greg Najjar, Director, Solutions Engineering, Sprint, noted that keeping communication lines open for remote workers is essential. Technology, such as aircards, unified communication, digital IP network cameras, and more, is available to allow teleworkers to be as connected as their counterparts in the office.

Noah Nason, Chief of the Information Services Division within the Office of Science and Technology at the Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF), spoke about the benefits and challenges of implementing telework and on-the-road work arrangements throughout his organization.

When the agency initiated its telework program, he explained, it focused less on enabling agents to work at home or in a remote office and more on where they needed to be "to catch the bad guys." That could be in a bunker inspecting an illegal weapons find, on the street investigating a lead, or at home doing paperwork.

Enabling this kind of access requires real-time information access, inconspicuous devices, and reliable communications. Regarding the latter, Nason noted, "If somebody is shooting at you, you do not want your communications to break down."

ATF is not yet where it wants to be with remote operations, however, Nason said. It has a broader vision for mobile agents and inspectors, and is taking small steps to implement key requirements. This includes issuing lightweight, ruggedized laptops for all 5,000 ATF employees and 1,500 contractors; redundant voice capability; secure wireless earpieces or hands-free communications devices; video capability; interoperability with other law enforcement agencies; and enhanced security protocols.

These goals, Nason said, are not affordable under the current budget or enabled under its current technology support contract. "Nevertheless, we need to have a goal to work towards," Nason said, noting that ATF officials eventually want to outfit its agents with wearable computers with heads-up displays and virtual keyboards.

Nason explained that his office is committed to enabling a truly mobile workforce because the benefits are so significant. The goal is to allow agents to work from anywhere, reduce telecommunication costs, improve employee morale, and deliver a robust contingency capability for emergency scenarios.

Tomas Soderstrom, IT Chief Technology Officer for the National Aeronautics and Space Administration's Jet Propulsion Laboratory (JPL), discussed how a strong telework program and trusted mobile capabilities helped his organization continue to operate when the August 2009 fires came within 30 feet of its California offices and forced mass employee evacuations.

He cited several lessons learned from that experience and from JPL’s “working from anywhere with anyone” pilot initiative. Among these are making it easy and natural for teleworkers to:

• Work from home by ensuring that critical applications are Web-enabled, providing back-up e-mail and instant messaging accounts in a cloud computing environment, and building in robust security, such as encryption
• Talk to each other by enabling call forwarding, Voice over Internet Protocol (VoIP) communications, virtual meeting spaces, and instant messaging
• Share documents in real-time through Web conferencing
• Maintain relationships, especially during long-term telework assignments

Secure This

The "Secure Telework and Remote Access" panel reviewed best practices in use today to secure data in mobile environments. The discussion was moderated by Ari Schwartz, Vice President and Chief Operating Officer of the Center for Democracy and Technology.

Richard Kissel, Certified Information Security Manager for NIST, noted that his organization offers guidance to telework program managers on a number of topics to support their agency implementation programs. NIST provides technical recommendations and resources on security, remote access, cell phones, PDAs, Bluetooth, firewalls, IP-VPNs, and secure socket layer (SSL) VPNs. For more information and reference publications, see www.nist.gov and search "telework."

Mary HorseChief, Information Systems Security Officer at the Overseas Private Investment Corporation (OPIC), a small independent Federal agency, reviewed the security practices that have been implemented for its teleworkers, which currently make up 30 percent of OPIC employees. She expects those numbers to increase significantly in the near future, thanks to recent enhancements to telework and other alternative work arrangement policies.

OPIC developed a telework program handbook and a training program that involves one-on-one instruction with end users to ensure that they are provided with details on every policy, as well as on their specific roles and responsibilities.

The Environmental Protection Agency (EPA) also has a robust telework program, with approximately 30 percent of its eligible workforce teleworking at least once a month. Vaughn Noga, EPA's Acting Director for the Office of Technology Operations and Planning Office of Environmental Information, noted that a key philosophy governing the agency's remote security policy is: "How we work at work is how we work at home." However, he added, "One-size-fits-all solutions don't work well."

For this reason, employees are provisioned with network and application access privileges at differing levels, depending on specific job responsibilities and data requirements. All employees have full access to voicemail and Web-based e-mail, and they have the ability to hold instant Web conferences. Many employees are provided with government-furnished laptops enabled with wireless technology, while others are given the right and ability to access secure files and data from the EPA network.

Noga added that policies also have been developed governing software management and piracy, agency network security, and personally identifiable information (PII). These policies are communicated to teleworkers through annual IT security awareness training for all employees, training for new employees during orientation, an annual EPA Tech Day, and by helpdesk employees when called on for assistance.

David Coley, Director, Public Sector Technical Services, Research In Motion, noted that "100% of their staff have the ability to (telework) anywhere in the world" and discussed the available solutions that are the best fit for situational, part-time, and full-time telework.