Telework tool: A DOD innovation goes wide

Technology could help compliance with telework legislation

Agencies could soon find themselves managing more teleworkers: The Senate passed a bill Sept. 30 setting a deadline for determining employees’ eligibility to telework.

Although the bill still has a few hurdles before it becomes law, its chances are good. Managers who are concerned about allowing secure access to employees who aren’t using agency-issued computers have a tool available already, courtesy of the Air Force Research Laboratory.

The Telework Improvements Act of 2010 (H.R. 1722), currently awaiting a House compromise after the Senate’s passage, would give agencies 180 days to determine the eligibility of all employees to telework, establish telework policies and include telework as part of continuity-of-operations plans.

COOP was a concern of the Air Force lab’s Defense Research and Engineering in 2009, when the H1N1 flu pandemic raised the possibility of employees having to work from home. The lab was looking for an inexpensive way to ensure endpoint security.

“The challenge is to enable telework for workers at home without buying them a computer,” said Richard Kutter, a senior electronics engineer at the lab.

The lab developed a bootable CD using Lightweight Portable Security, an inexpensive, easy-to-use tool that had been available in a public edition since 2008. LPS uses open-source software and works with most Windows, Mac and Linux computers to create a nonpersistent, trusted end node for secure browsing, cloud computing or network access.

The Defense Department Office of the Chief Information Officer approved LPS-Remote Access in December 2009 for COOP. More than 30 DOD organizations, with more than 58,000 employees, have adopted it since. A free public version, LPS-Public, has been downloaded more than 35,000 times.

LPS boots a Linux operating system from a live CD and installs nothing on the client computer, running only in RAM to bypass any local malware and leave no record of the session. Its footprint is small, taking up only 124M and requiring only a Pentium II or later processor and 384M of RAM.

Another version of LPS-Remote Access is being developed for the U.S. Cyber Command, recently established at Fort Meade, Md.

About the Author

William Jackson is a Maryland-based freelance writer.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.

Featured

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Tue, Oct 26, 2010

There is 1 DoD agency - DISA - that is doing telework to the fullest extent. It is a great model for what all of the Government should be doing.

Wed, Oct 6, 2010 sweerek WPAFB

LPS is called "lightwieght" for many reasons, one being the level of security. LPS only provides security from the kernel on up and in writeable memory. All below the kernel (hardware, BIOS, firmware, etc.) is untrusted. This is supplemented by its bypassing of any resident malware and non-persistance -- the harddrive is not touched and everything remains in RAM. The ATSPI Technology Office offer "heavier" trusted solutions the extend trust down to hardware levels.

Wed, Oct 6, 2010 bwhunan Washington DC

A bootable CD, while an interesting solution, assumes the hardware it is being run on is trusted. A bootable CD does not alleviate security concerns regarding hardware vulnerabilities.

Wed, Oct 6, 2010 sweerek WPAFB

LPS boots without CAC authenication. LPS contains many, layered security measures with LPS-Remote Access having the strongest measures. Both were built per ATSPI's 3 Tenets of Cyber Security. CAC authentication occurs on the server side in order to access restricted content... just like all(?) DoD websites and VPNs.

Wed, Oct 6, 2010 sweerek WPAFB

LPS was created and is supported by SPI. The Air Force Research Laboratory’s ATSPI Technology Office (AFRL/RYT) manages the Director Defense Research and Engineering’s (DDR&E) DoD Software Protection Initiative (SPI). SPI is a Government organization.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group