Business Services Industry
One Year After Veterans Affairs' Laptop is Stolen, Fed Data is Still AWOL
Business Wire, June 4, 2007
Telework Exchange Study Reveals Encryption Shortfall, Security Education Opportunity, and Telework Advantage
ALEXANDRIA, Va. -- Telework Exchange(SM), a public-private partnership focused on telework in the Federal government, today announced the results of its latest study - "Feds Walking the Talk on Security? - One year after the VA laptop scandal, is Fed's data still going AWOL?" Underwritten by Utimaco, a data security company, the study reveals that Federal data is significantly more mobile and still vulnerable. Thirteen percent of Federal employees do not have encryption on their newly-issued laptops. Pushing back the myths about telework, the study shows that Federal teleworkers are more secure than the majority of their in-office colleagues.
In June 2006, VA announced that the laptop stolen from an employee's home contained personal information on roughly 26.5 million people, including 1.1 million active military members. The study, "Feds Walking the Talk on Security?" uncovers what has changed since the Veterans Affairs laptop scandal and what still needs to be addressed in agencies' data security policies.
The study provides new insight on Federal agency employees' knowledge of their agencies' data security policies and out-of-office data security practices. Key study findings include:
Are Feds More Mobile?
The Federal government has embraced mobility. Forty-one percent of respondents note that they use a laptop for work. Out of these laptop users, 45 percent have switched to a laptop in the last year.
Are Feds More Secure?
The study highlights vulnerabilities in data security systems. Thirteen percent of new laptop users do not have encryption. Merely 48 percent of respondents said that their agency provided training after the VA laptop scandal, and 47 percent of agencies provided updated encryption and protection technology on computers. Sixteen percent of respondents said their agencies had no reaction.
Data Security Achilles Heel - Teleworkers or Non Teleworkers?
Teleworkers are defined as employees who work at alternative worksites during regularly scheduled work hours - on a full-time, part-time, or situational basis. Results indicate teleworkers remain in tune with agencies' data security procedures and training. Ninety-four percent of teleworkers have received security training, compared to 87 percent of non teleworkers, who work at the official workplace full time. In addition, 94 percent of teleworkers have anti virus on their work computers, compared to 75 percent of non teleworkers.
Going AWOL
Pointedly, the survey highlights a hidden majority of non teleworkers - the "unofficial teleworkers" - as the data security Achilles heel. "Unofficial teleworkers" are defined as employees who work at an official workplace full time, and also work at home on nights or on weekends. Fifty-eight percent of non teleworkers work at home on nights or weekends, unofficially. Out of these respondents who work at home, 63 percent use their own PCs. Fifty-four percent of non teleworkers carry files home and 41 percent log onto their agency's network from home. Agencies' data is moving in an uncontrolled environment. "Unofficial teleworkers" remain a high liability for Federal agencies.
Recommendations
Agencies need to audit the "unofficial teleworker" populations, enforce telework training practices similar to those who telework officially, and ensure that all employees are aware of how to handle data outside of the office environment - regardless of where they work. Agencies must make sure all desktops and laptops are protected and all data is encrypted.
"The study points to the inevitability mobility/security challenge," said Craig Bumpus, general manager, Utimaco America. "Employees who work unofficially at home on nights and weekends are removing data from the office - either by mobile device or by hard copy files - and working in unauthorized locations. Agencies must take the necessary security precautions to protect all computers and provide adequate training to employees on transporting data outside of the office."
"Security of Federal data is not about bits and bytes - it's about the brand of the U.S. government and Americans' confidence in their government," said Stephen W.T. O'Keeffe, executive director, Telework Exchange. "One year after the VA laptop crisis, America's information is still AWOL. It's time to get serious about security."
The "Feds Walking the Talk on Security?" study is based on a survey of 258 Federal employees. Fifty-two percent of respondents are non teleworkers and 48 percent are official teleworkers. To download the full results of the study, please visit www.teleworkexchange.com/datasecurity.> About Telework Exchange, LLC
Telework Exchange is a public-private partnership focused on demonstrating the tangible value of telework and serving the emerging educational and communication requirements of the Federal teleworker community. The organization facilitates communication among Federal teleworkers, telework managers, and IT professionals. For more information on Telework Exchange, please visit www.teleworkexchange.com.
Most Recent Business Articles
Most Recent Business Publications
Most Popular Business Articles
- 7 tips for effective listening: productive listening does not occur naturally. It requires hard work and practice - Back To Basics - effective listening is a crucial skill for internal auditors
- FAS 109: a primer for non-accountants - Financial Accounting Standards Board's "Statement 109: Accounting for Income Taxes"
- LIFO vs. FIFO: a return to the basics
- Too Young to Rent a Car? - 25-years-old the minimum age for car renting - Brief Article
- Design a commission plan that drives sales - Sales Commissions
Most Popular Business Publications
Content provided in partnership with
