At one major US agency, some officials have resorted to holding meetings on iPhone group calls because the regular conference bridges haven’t always been working, according to one federal employee. But the workaround has its limits: The group calls support only five participants at a time, the employee noted.
“Things have worked better than I anticipated, but there are lots of hiccups still,” said the employee, who spoke on condition of anonymity because he is not authorized to speak on the record.
As they increasingly log on from home, Americans are having to meld their personal technology with professional tools at unprecedented scale. For employers, the concern isn’t just about capacity, but also about workers introducing new potential vulnerabilities into their routine — whether that’s weak passwords on personal computers, poorly secured home WiFi routers, or a family member’s device passing along a computer virus.
“All it takes is one of their kids to get [electronically] infected and it spreads inside the house,” said Marcus Sachs, a former vice president for national security policy at Verizon.
From there, experts say, malware could easily jump from a compromised employee’s machine into a connected office network.
A big test for government computer systems
This year, those numbers may shift dramatically.
“I’m sure every agency right now is scrambling to load-test their VPNs and access points to make sure not just 10 or 20 percent of their workforce can log on, but 70 or 80 or 90 percent,” said the former chief information officer of a major US agency. “That will be a challenge, for sure.”
Not all government agencies use VPNs exclusively anymore. As online storage and computing platforms have taken hold in corporate America, so too have they spread in government IT systems. Now, it’s more common to see civil servants logging into cloud-based applications and services from wherever they are.
Others may not have access to office computing devices that they can take home with them — either because they were never expected to work remotely, or perhaps because their work may be extremely sensitive.
How the intelligence community is adapting
Among the federal workers most hamstrung by efforts to reduce their presence in the workplace are members of the intelligence community. Working on topics and systems that are classified makes it difficult at best to work from home, if not impossible.
“There are some very senior military and government officials who have the capability to do up to Secret [work] from their house, but we’re talking about four-star generals and admirals and things like that,” said Jamie Barnett, a retired US Navy rear admiral and senior vice president of government services for the secure communications firm RigNet.
“For other classified work, there’s going to be limited facilities to be able to do that,” Barnett added, “so that’s going to take some grappling.”
Agencies have already enacted safety measures and made leave policies more flexible. The Office of the Director of National Intelligence — which oversees 16 different intelligence agencies — says it is “reducing staff contact88 through a variety of options including staggered shifts, flexible schedules, and social distancing practices.”
In a business that demands 24/7 attention, the agencies “are also developing and implementing appropriate response plans” an ODNI spokesperson added.
Dealing with COVID-19, however, “is a contingency for which the IC never prepared,” said former National Intelligence Council chairman Greg Treverton.
Some who work in intelligence are contractors who, due to contract provisions, must physically report to a government facility and do their jobs under direct oversight, said the former CIO. It’s possible those contracts may be reinterpreted in light of the coronavirus crisis, he said.
Intelligence officials certainly have technology and practices that would make them among the most digitally secure to work outside the office, but they’re still exposed. In the best of times, for example, intelligence officials can’t even bring their mobile phones into the workplace, recognizing the security risk that they are.
Working at home, “you get more vulnerable and you get much less efficient because you’re being careful,” adds Treverton, who said that for the country at large, the security issues associated with teleworking are an “enormous vulnerability.”
Still, the rise of cloud computing means many workplaces are in a much better position for telework than they were even a few years ago.
“If this had happened five years ago, I would guess that a very, very large percentage of government employees would not be able to remotely access their systems or do anything from home,” said Gordon Bitko, a former FBI chief information officer. “Today, that’s definitely not true. I can’t speak to every agency, but it’s far, far greater than it was.”