Survey: Federal Employees Go Beyond Mandatory IT Security Requirements
Most federal employees go beyond baseline IT security requirements, according to a new survey by the Government Business Council, the research division of Government Executive Media Group, and CDW Government LLC (CDW-G), a provider of technology solutions to government, education and healthcare customers.
While 97 percent of federal employees are required by their agencies to use authentication measures such as passwords, security tokens and biometric identifiers, most take still more security precautions to protect agency data. Respondents noted that they proactively lock their screens when they are away from their computers and only use secure network connections and agency-issued machines to further secure information.
“Today’s cybercriminals have multiple routes for illegally acquiring information, whether by stealing physical machines, tapping into unsecure wireless networks or propagating malware,” said Andy Lausch, vice president of federal for CDW-G. “Federal employees -- the majority of whom spend at least some time each week working remotely -- keenly understand that they must take extra steps to secure confidential and sensitive agency data.”
The survey, underwritten by CDW-G in partnership with HP, conducted in September, captured the views of 230 randomly selected federal defense and civilian decision makers.
Respondents said they were more likely to undertake additional security precautions inside the office than outside of it. Eighty-six percent said that IT security measures have prevented them from being able to access the information they need to be productive while working remotely. Most agreed agencies could improve the functionality, responsiveness and ease-of-use of IT offerings provided outside of the office.
“Enabling access to information while ensuring it is secure is a delicate balance that agencies grapple with every day,” said Christina Morrison, public sector marketing manager, Personal Systems Group, HP. “Fortunately, advancements in security and mobility technologies can enable near-seamless computing for remote employees. Employees can not only accomplish the business of government from anywhere and at any time, but also with the same level of productivity as if they were in the office.”
Eighty-nine percent of respondents said they work outside their regular offices, and of those, 59 percent work offsite at least weekly. While away from their regular offices, respondents perform routine tasks including checking work-related e-mail; reading, composing or sending work-related documents; and participating in work-related calls. Seventy-one percent of respondents said that they are eligible for telework. In addition to working from home or a telework center, respondents said they work remotely while in transit to work, at another agency’s office, from program sites and while traveling.
“Cybersecurity becomes even more important as agencies work to expand teleworking and continuity of operations capabilities,” said Bryan Klopack, director, Government Business Council. “Even training employees on basic security techniques, such as logging off of a network when they are not using it, can go a long way toward minimizing cybersecurity risks.”