Security Remains a Challenge for Telework

There has been much evidence in recent months that agencies are making progress in implementing the requirements of the 2010 Telework Enhancement Act. But some significant gaps still exist in ensuring secure remote access for federal workers, according to a new report.

In its annual report to Congress on the implementation of the Federal Information Security Management Act, the Office of Management and Budget noted that some agencies are moving toward two-factor authentication for remote access, versus previous methods that required only a user ID and password.

But overall, significant weaknesses remain in secure remote access options, OMB found. Given these gaps and the growing importance of telework, the Homeland Security Department will be publishing a reference guide in fiscal 2012 outlining designs for providing secure remote access and telework options, the report states.

The Obama administration said it also plans to collect performance metrics through Cyberscope, the federal repository for gathering FISMA data, in order to better understand and manage vulnerabilities associated with remote access through telework.

"As the number of federal employees teleworking grows in fiscal 2012 and beyond, these metrics will be examined closely and revised to address the information security and privacy risks brought by the increasingly dispersed federal workforce," the report states.