Federal Telework: How Agencies Can Create a Sustainable New Normal

Creating a New Working Normal

The Defense Department offers a prime example of how agencies are attempting to strike that balance. In March 2022, Deputy Defense Secretary Kathleen Hicks issued a memo noting that flexibility and communication would be paramount as DOD components figure out the best work setups for their civilian employees. Absent any urgent or compelling mission needs, civilian employees who have been on full-time telework or have work schedules that differ from their organizations’ regular schedule must be given 30 days’ notice in writing prior to being recalled to the office or having their schedules changed. 

Supervisors may adjust work locations and schedules for DOD civilian employees who aren’t in those categories, the memo notes. At the same time, the memo praises the department’s use of telework.

“Continuation of flexibilities used during the COVID-19 pandemic increases the DOD’s efficiency and effectiveness, as well as allows the Department to better attract and retain those with the necessary skills and abilities needed to accomplish current and future missions,” the memo states.

While it appears the Pentagon is trying to thread the needle here, the 2023 Defense Authorization bill requires the department to come up with uniform guidance by April on when flexible work arrangements will be allowed.

The DOD’s approach is laudable in that it recognizes the benefits of telework while providing agency components with the ability to bring employees back to the office if that is what the mission requires. As agencies plan for the future, this kind of flexibility will be crucial.

LEARN MORE: About approaching zero trust in hybrid work environments. 

Making Security Dynamic from Home

At the same time, if more federal employees will be working remotely or in hybrid environments long-term, agencies need to ensure such arrangements don’t compromise their cybersecurity.

As agencies move to adopt zero-trust architectures, this will be imperative. Agencies need to ensure they implement policies of least privilege, which limit employees’ access to only the data and systems they need to do their jobs, including on their mobile devices.

Further, identity and access management tools should be dynamic in how they identify users and their behavior so they can recognize and respond to anomalous activity, even by previously verified users. IT security teams must define the legitimate access needs of all employees and develop efficient means of enforcing the policies that apply to those users.

The Way Forward Post-Pandemic

Agencies have invested in numerous tools to support remote and hybrid work. Now, IT leaders need to commit to supporting those tools long-term to maintain flexibility for users.

Finding the right balance among in-office, hybrid and remote work options is a challenge for all agency leaders. It is definitely daunting to manage the cross-cutting pressures to bring employees back to offices, give users the freedom they want to work from anywhere, maintain cybersecurity and keep productivity up.

Agency leaders should strive for flexibility, avoiding a one-size-fits-all approach for how work is accomplished. Their North Star is continued support for their mission while keeping their agencies and staff secure.