How to prepare for the telework act’s mandates
Telework Enhancement Act¹s requirements force agencies to consider security, policy implications
The passage of the Telework Enhancement Act in December 2010 underscores the growing need for better secure remote access to ensure that only authorized users gain access to government networks and information. As mandated by the law, federal agencies must improve the use of telework as a strategic management tool.
The law requires agencies to notify all federal employees about their eligibility status for telework by June 9.
Other important telework policies and programs to be set up by the June deadline include:
- Establishing a policy authorizing eligible employees to telework.
- Requiring a written telework agreement between employees and managers to ensure that telework doesn't diminish employee or agency performance.
- Providing an interactive telework training program, to be completed before the signing of the telework agreement, to employees who are eligible to telework and their managers.
- Requiring each executive agency to incorporate telework into its continuity-of-operations plan.
In February, the Office of Personnel Management issued its annual Status of Telework Report to Congress with information about the number of federal teleworkers. The report found an increase of 11,046 in agency-reported teleworkers from 2008 to 2009. This brings the agency-reported federal government total to 10.4 percent of eligible employees teleworking, or 5.7 percent of all federal employees.
Meanwhile, other industry reports indicate the number of federal employees teleworking may be higher. According to a report in January by the Government Business Council, sponsored by CDW-G, 89 percent of federal workers surveyed reported that they work outside the office, more than half of them at least weekly.
Although 97 percent of federal employees are required by their agencies to use authentication measures such as passwords, security tokens and biometric identifiers, most take still more security precautions to protect agency data. Respondents noted that they proactively lock their screens when they are away from their computers and only use secure network connections and agency-issued machines to further secure information.
“Today's cyber criminals have multiple routes for illegally acquiring information, whether by stealing physical machines, tapping into unsecure wireless networks or propagating malware,” said Andy Lausch, vice president of federal at CDW-G. “Federal employees — the majority of whom spend at least some time each week working remotely — keenly understand that they must take extra steps to secure confidential and sensitive agency data.”
Most of the respondents surveyed agreed agencies could improve the functionality, responsiveness and ease of use of IT offerings provided outside of the office. While away from their regular offices, respondents perform routine tasks including checking work-related e-mail messages; reading, composing or sending work-related documents; and participating in work-related calls. Seventy-one percent of respondents said they are eligible for telework. In addition to working from home or a telework center, respondents said they work remotely while in transit to work, at another agency's office, from program sites and while traveling.
What agencies should do
In a recently published report titled "Implementing Telework: Lessons Learned from Four Federal Agencies" by Scott Overmyer, professor and director of the master's degree program for information systems at Baker College in Flint, Mich., made recommendations for what agencies should do now to comply with the telework law, including developing a comprehensive telework plan.
This plan should be part of the agency’s mandated effort to establish policies for telework eligibility and determine employee eligibility. In addition to including information on eligible positions, Overmyer said the plan should answer the following questions:
- What is telework, and how does it function for the employer and employees?
- What is expected of the teleworker?
- What is expected of the organization?
- What organizational positions and job responsibilities qualify for telework?
- What is the agency telework training plan?
- How will teleworker performance be evaluated?
- What are the continuing education requirements and opportunities for teleworkers?
Also, agencies should be working on clear, written policies and telework agreements, according to the report. Written policies outlining the roles and responsibilities of teleworkers and managers are crucial, Overmyer said, so there will be no misunderstanding of expectations.
To comply with the new law, training for employees and managers should receive high priority. At a minimum, training should address management and performance, in addition to information technology, software and security. Managing an increased number of employees from a distance will require special skills and techniques.