Industry leaders to Congress: Boost IT, cyber infrastructure for telework at federal agencies

Federal agencies can take steps to improve the security of their systems to keep up with the changing demands of a remote workforce, industry leaders from Deloitte, Williams Companies and other firms told a Senate Homeland panel at a hearing Tuesday.

The COVID-19 pandemic has brought an increased urgency for Congress “to look at the current telework practices to see what is working and not working for the federal workforce and learn lessons from what is happening in the private sector,” Sen. James Lankford (R-OK), chairman of the Senate Homeland Security regulatory affairs and federal management subcommittee, said at the hearing.

The subcommittee heard testimony from Deloitte’s Sean Morris, Williams Companies’ Lane Wilson, Reconciled’s Michael Ly and Acronis SCS’ John Zanni. “Deloitte’s workforce model is designed to be adaptable to a ‘work from anywhere’ environment. Due to the nature of our work, across offices, client sites, and travel in between, we were technologically and culturally primed for a quick transition to almost fully virtual work once COVID-19 necessitated the closure of our office locations and client sites,” Morris said in his written testimony.

Morris outlined four areas that lawmakers should consider to improve the telework experience: “IT infrastructure & cybersecurity, real estate & location footprint, performance management, and employee engagement.” Williams had a “relatively smooth” transition to a majority work-from home workforce, Wilson said.

The natural gas company adapted to “an increase of 1,300 VPN connections” and had to shift their “Knowledge Workers from their IT function to the Help Desk to help support the increased call volume.” “Hiring new Help Desk employees during this crisis has been a challenge, as the onboarding of new Help Desk employees is dependent on in-person shadowing and acclimation to the new IT protocols and environment that currently cannot be done remotely,” Wilson said. “Had this telework transition been planned, we could have addressed the expected Help Desk inquiries with additional staff before the transition happened; moving forward we are looking into a cloud-based product to remove the current onboarding limitations.” Wilson said, “Looking forward, we recognize that for more task-oriented workers, telework may continue to be an option that is offered beyond the days of this pandemic. But we are also very cognizant of the value of in-person collaboration and idea generation that happens organically in an office environment. Balancing these two factors is important, and while we have not made any final decisions around a long-term telework policy at this time, we will continue to track efficiencies and productivity measures to help inform our path forward.”

Online accounting firm Reconciled has developed “keys to remote success,” Ly said. These values revolve around developing a “clearly stated culture;” “leveraging cloud-based technology;” defining “role expectations and outcomes;” establishing “regular and consistent communication;” incorporating “schedule flexibility;” and encouraging their employees to take breaks. Acronis SCS CEO Zanni said, “Whether COVID-19 subsides next week or next year, it is clear that increased telework flexibility is in America’s long-term future.

In light of the threat landscape described above, there is little time to waste in building digital resiliency and strengthening cyber hygiene. Far too often, commercial and government needs are placed at odds with one another when it comes to cybersecurity. That reality must change — but it will take more buy in and collaboration from all sides of the equation, including private companies, Congress, and federal, state, and local government agencies. On the private sector side, companies must make a more robust commitment to consider public sector needs when developing solutions to cyber challenges.” — Sara Friedman (sfriedman@iwpnews.com) Sara Friedman

This article was written by Sara Friedman from Inside Cybersecurity and was legally licensed through the Industry Dive publisher network. Please direct all licensing questions to legal@industrydive.com.