Addressing Teleworkers' Security and Backup Needs
Increasing numbers of government employees are teleworking either from home or a remote office at least one day per week. In spite of the array of benefits that teleworking offers to both employees and the government, the remote scenario creates new security needs, namely, keeping remote data and applications secure and backed up. Ultimately, telework programs that are established with proper security measures will realize more benefits than those that didn’t make remote security a priority.
Addressing Teleworkers' Security and Backup Needs
By Stacey McDaniel
Increasing numbers of government employees are teleworking either from home or a remote office at least one day per week. In spite of the array of benefits that teleworking offers to both employees and the government, the remote scenario creates new security needs, namely, keeping remote data and applications secure and backed up. Ultimately, telework programs that are established with proper security measures will realize more benefits than those that didn’t make remote security a priority.
Eight Years Ago
In 2000, Congress enacted a law designed to establish telework policies. The intention of the initial law was to promote flexibility, reduce physical office space requirements and make government jobs more appealing to candidates. A secondary -- but no less compelling -- reason for telework policies was to be prepared should a pandemic outbreak, terrorist attack or any other disasters occur. Since 2000, the rise in the number of laptops, broadband and Wi-Fi connections in homes, Webmail accounts for e-mail, and Web portals for remote access have made telecommuting more convenient and feasible than ever.
Acknowledging the Need for Security
According to a study released in August 2007 by the Telework Exchange, "Remote Control -- Federal CISOs Dish on Mobility, Telework and Data Security," 83 percent of federal CISOs expressed strong interest in mobile endpoint certification for compliance with the Federal Information Security Management Act (FISMA). FISMA’s requirements include frequent risk assessments and enacting policies and procedures to address the risks found. In addition, FISMA expects agencies to have a sound backup and recovery plan in place to minimize the potential for government data to be lost or corrupted in the event of an emergency.
Because it is difficult for government IT teams to manage and enforce the agency’s required security and backup measures on privately owned laptops, more agencies are issuing government-owned laptops to teleworking employees. This allows IT managers to better enforce security policies across the agency’s hardware.
With the teleworking mandate in place and concerns about remote security growing, typically short-staffed government IT teams are looking for ways to address security and backup needs that are both effective and easy to manage. Luckily, technology has evolved to a point where it’s become easy to provide security, backup and recovery for remote devices.
Security Measures for Remote Devices
Installing a personal firewall on each remote endpoint, as well as virus, spyware and intrusion protection and network access control is ideal to keep the devices safe from threats. In addition, Nancy Lambert, a senior analyst at Forrester Research, recommends using client management software so IT can keep track of what’s being installed and executed on remote machines. Lambert also says that installing full-disk encryption on laptops that will be traveling with employees is a good idea. That way, if the device is lost or stolen, an unauthorized person cannot access the data contained on the machine.
Simplified Backup and Recovery
IT managers who ensure that all agency data inside the office is being regularly backed up must give the same attention to the data being created and accessed remotely by teleworkers. In fact, mobile devices can be even more prone to accidental loss or damage than those used in-house, increasing the vulnerability of the data stored on those devices. To address this, automatic, continuous backups of remote devices should be made to an off-site location -- so information can be retrieved even if the original device on which it was created has been lost.
In today’s IT environments, backup is not enough. Agencies must be able to recover data and applications in seconds -- including data on remote devices. Today’s recovery solutions make it easy to restore remote data to “any point in time.” In fact, today’s restoration technology enables IT staff to manage the remote backup and recovery process from any desktop, laptop or Pocket PC, and Web-based file retrieval is available to empower employees to retrieve their own files.
The government is expected to continue operations in the face of emergency, in times of disaster and certainly after a simple hardware malfunction. Having backup and recovery solutions in place for remote workers will ensure that these employees will be able to continue working in good, and in bad, times.
Conclusion
Within government, enabling a number of employees to telework is not only encouraged, it’s mandated in many cases. Government IT managers are looking for ways to extend the agency network outside the physical office boundaries without compromising security -- and overtaxing the already stretched thin IT staff. The good news is today’s security technology, including crucial backup and recovery solutions, is available for precisely these scenarios. In addition, the whole backup and recovery process can be managed from a centralized console, easing the IT burden while effectively securing teleworkers.
Stacey McDaniel has been writing about high-tech issues for more than six years.
Local Articles
Internet
Home