Are VA techies slacking off on Yammer?

Things got a little loose on the in-house social network at the Department of Veterans Affairs, and the agency's watchdog is cracking down.

Under then-CIO Stephen Warren, VA adopted Yammer, an Microsoft-owned online business collaboration platform that aims to keep workers connected.

In addition to work-related communications, however, employees created private groups for off-topic chats and posted comments, videos and jokes. According to a report by VA's Office of Inspector General released Aug. 17. those discussions were "non-VA related, unprofessional, or had disparaging content that reflected a broad misuse of time and resources."

The report says a group called Swap Meet drew 267 members interested in buying and selling personal items. A Young Professionals Group allowed members to network and arrange the "occasional happy hour," and a Geek Jokes forum attracted 584 members.

The OIG isn't going after VA message boards out of sheer pique. According to the report, multiple security concerns were associated with the way Yammer is run on VA networks. For instance, there was no system to ensure that former employees and contractors had their access privileges revoked once they left VA service.

Additionally, "the relatively simple process to post to Yammer...made VA vulnerable from [a] user uploading, on purpose or accidentally, personally identifiable information (PII), protected health information (PHI) or VA sensitive information, [to] which any current or former employee remaining active on the site would have access."

The Yammer Notifier, an app that keeps users updated on posts and alerts, was approved on a limited basis for use at VA, but the online social network component, where the collaboration actually happens, was not authorized.

According to the OIG's tally, more than 25,000 VA email addresses linked to active Yammer accounts and another 25,609 were registered but not activated. The report found that Yammer spammed users with invitations and news of account activation and deactivation.

VA Chief of Staff Rob Nabors promised to complete a review of VA's Yammer use by Oct. 15, to make sure it met agency and federal guidelines for collaboration networks. Nabors said he would block Yammer if it was not approved.

In his written comments, he also pledged to determine whether any VA employees should be subject to disciplinary action for inappropriate use of Yammer, and to clarify which web-based social networks and collaboration tools are authorized for use on the agency's systems.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

  • Workforce
    online collaboration (elenabsl/Shutterstock.com)

    Federal employee job satisfaction climbed during pandemic

    The survey documents the rapid change to teleworking postures in government under the COVID-19 pandemic.

Stay Connected