How to Make Federal Government Telework a Success

A third option is for agencies to deploy a software-defined WAN, in which a software agent can be used to connect a user’s home network to the enterprise network, with the home network acting as a “branch” location. Agencies can deploy remote cloud Wi-Fi access points from vendors such as Aruba Networks and Extreme Networks. However, that may not be easy to do right now at scale. So, Kerravala says, it may be reserved for higher-level users who need access to critical applications.

Susie Adams, CTO of Microsoft Federal, says that thanks to OMB easing acquisition procedures and the Defense Department’s Commercial Virtual Remote Environment, “agencies can quickly adopt large-scale telework platforms, such as Microsoft Teams, that enable virtual collaboration.” 

Moving forward, she advises, “agencies should test solutions early and often to ensure they meet security and compliance requirements for a remote office environment.” Additionally, Adams says, “agencies should develop their zero-trust architecture to protect their organizations during a fast-tracked digital transformation” and follow guidance from the DHS Cybersecurity and Infrastructure Security Agency Trusted Internet Connections program (specifically, CISA’s interim TIC 3.0) and the National Institute of Standards and Technology (NIST’s Zero Trust Architecture). 

Dominic Delmolino, CTO of Accenture Federal Services, says that in addition to technology, agency IT leaders need to work on the culture and awareness around telework. 

“How do you help your workforce effectively and productively working from home?” he asks, noting that employees no longer have a commute to decompress after a workday and just may need more support in general. “How do you help people collaborate with all the people they interact with — suppliers, business partners, contractors? How do you collaborate across agencies or across organizations?” 

IT leaders need to also think through how to help workers whose jobs cannot be moved online.

MORE FROM FEDTECH: Learn about the technology behind videoconferencing tools and how to keep them running.

The Necessary Collaboration Tools for Remote Teams

There are numerous aspects of an agency’s telework toolkit that can set the agency up for success.

“The enterprise toolkit should address the increase in traffic from remote users across the infrastructure and access to the right hardware to maintain the infrastructure, such as servers, routers and other IT equipment at data centers, or infrastructure supporting access to enterprise systems,” the GSA spokesperson says. 

According to Adams, the main element is, “if an agency hasn’t already broadly adopted a collaboration tool and chosen collaboration apps, standardizing on a common platform can reduce barriers across groups.”

Videoconferencing Tools for Remote Work

Kerravala agrees, and says that agencies should move away from doing most collaboration over email, adding that this would be a good time to consolidate video and team messaging applications onto a single platform, such as Microsoft Teams, Zoom, Cisco Webex or Google Hangouts.

Additionally, Adams say, agency IT leaders need to do the following:

• Enable users to securely access cloud apps from outside the agency network
• Provide secure access to on-premises apps from outside the agency network
• Scale-up access to desktop and app virtualization solutions
• Support bring-your-own-device policies to enable access to data when agency-owned devices aren’t available

“There isn’t a one-size-fits-all approach for telework eligibility and security requirements across the federal government,” she says. “However, Microsoft has various protections built into its products that we hope will continue to provide some relief during this unprecedented time.” 

Remote Work Security: Multifactor Authentication and App Integration

Adams notes that exposing on-premises apps to the internet for remote access “leads to increased complexity and a larger surface area that security teams need to protect” and, therefore, “it is important to put the right controls in place so that agencies can have confidence in knowing only the right people are accessing their applications and data.”

One way to enhance cybersecurity is by connecting on-premises apps via app proxy or a partner integration and enforcing per-app conditional access policies, such as multifactor authentication. 

Jim Stout, a senior manager at Accenture Federal Services, says that agencies need to be able to simulate, through collaboration tools, the ability for a user to walk over to a coworker’s cubicle and see if they are available for a conversation about a project.

Meanwhile, Michael Miller, senior managing director at Accenture Federal Services, says that the mission of the federal government is unique. There is a large component that is involved in providing direct services to citizens, he adds, and a lot of that involves paper. IT leaders need to ask themselves, “What do we have to do to our systems and processes to modernize that?”

Cybersecurity is a key consideration during telework, the GSA spokesperson agrees. Agencies should note that increased bandwidth may require solutions such as Managed Trusted Internet Protocol Service (MTIPS). Additionally, CISA’s interim TIC 3.0 Telework Guidance provides additional flexibility for meeting TIC security requirements while rapidly expanding telework capabilities, the spokesperson says. 

MORE FROM FEDTECH: How to ensure your VPN can handle work-from-home traffic. 

Project Management Tips for Successful Federal Government Telework

The GSA spokesperson notes that telework success is “less about the tools and more about [getting ] the stakeholders involved to find and procure the right solutions.” 

Agencies must have “the right plan and have key stakeholders at the table from the beginning,” the GSA spokesperson says. “It is a team effort, and everyone from leadership, acquisition experts and programs to the technical staff must be brought in, with the ultimate goal of finding the correct teleworking capabilities that can be delivered.” 

A key factor in successful telework is simply ensuring users have adequate bandwidth, Kerravala notes. If they have a strong broadband connection, then videoconferencing tools can be used; if they don’t, then audio-only communication may be required, he says.

In terms of security, federal government telework presents the opportunity to shift to Zero-trust security models and give users access only to the data and apps they need to, and not trust anyone from the outset. Clicks on random links are likely to go up with more users working from home, Kerravala says, which can lead to more successful phishing attacks and malware getting onto users’ devices.

For project management, agencies need tools such as Zendesk to manage work. “It’s necessary,” Kerravala says. “You have more people in more places. You can’t have a manager come around to everyone’s desk.”

Delmolino says agencies need to ensure every user has the necessary training and equipment for telework and that they have secured their communication channels.

“Can you do security management now further out from users, networkwise?” he says. “Do people know the contact for getting help to work remotely?”

Federal Government Telework: Best Practices for Videoconferencing

Agencies should understand the use cases of how the agency is leveraging the tools they are using for telework, the GSA spokesperson says. 

“There is a big difference in being able to use a web conferencing tool for staff meetings versus hosting large-scale virtual conferences with hundreds of participants,” the spokesperson adds. “If the agency’s IT staff can understand how the technology will be used, then the right amount of resources can be dedicated to the tool so it works properly.”

There are multiple tools for agencies to turn to for enabling collaboration while users telework. Here are best practices for using some of them.

How to Use Google Meet

When Google Meet is on, users can start a meeting from a browser, a mobile phone, or a Google Calendar event that includes a video meeting link, Google notes. Users can also start or join video meetings in just one click from Gmail on their desktop.

Admins can change settings to allow users to join video meetings, create video meetings and manage premium Meet features, such as joining a meeting by phone, and recording and streaming meetings.

With Google Meet, agencies can host meetings from anywhere with up to 250 participants, record for later viewing, or livestream to up to 100,000 people.

How to Use Zoom

On April 27, Zoom released Zoom 5.0, with stronger security features. With AES 256-bit GCM encryption, Zoom says it will provide “increased protection for meeting data and resistance against tampering.”

After May 30, 2020, all Zoom clients on older versions will be required to upgrade before joining meetings.

Zoom says agencies need to first get the right license and software downloaded, set up the software and ensure that users have the necessary webcams and audio peripherals. Then, users need to be trained on features such as screen sharing, whiteboarding and integrating their calendars.

How to Use Microsoft Teams

When first setting up Microsoft Teams, the most essential best practice is to define which of the four available security configurations (Baseline – Public, Baseline – Private, Sensitive and Highly Sensitive) is needed for the agency, Adams says. 

“This critical step will determine an agency’s level of protection as it limits the ability to access and collaborate on files stored within teams,” she notes.

IT admins need to make sure everyone has access to Teams, using the free six-month Office 365 E1 offer or the more premium version of Teams, according to Microsoft.

“If you already have a subscription that includes Teams, turn it on for everyone,” notes Microsoft. Admins also need to “understand how to get your organization started with Meetings and live events in Teams.”