VA Laptop Scandal – One Year Later
It’s been a year since Federal employees lost laptops containing information on approximately 26.5 million people, including active military members. Telework Exchange recently announced the results of a new study, “Feds Walking the Talk on Security – One year after the VA laptop scandal, is Fed’s data still going AWOL?” Telework Exchange is a partnership that focuses on demonstrating the value of telework and serves to educate Federal telework employees and communication requirements. Teleworkers are employees who regularly work at an alternative worksite during normal working hours on either a full-time or part-time basis.
The survey highlights the security issues that have been addressed in the past year and the ones that haven’t.
• The Federal government has seemingly become more mobile. Over 40% of employees are using laptops for their work, almost half of which moved to laptops in the past year. Fortunately, mobile employees and teleworkers, while still not entirely secure, are better off than the majority of their regular in-office counterparts.
• After the VA laptop scandal, the government responded favorably and provided training for federal employees. Forty-eight percent of employees received training and 47% of government agencies updated encryption and protection software for employees’ computers. Unfortunately, there are still some agencies that have yet to address this issue. Sixteen percent of employees’ agencies had no reaction to the scandal.
• The study notes that almost 95% of all teleworkers have received adequate security training and are aware of agencies security policies and procedures. This is compared to 87% of traditional in-office employees. Similarly, 94% of teleworkers’ computers are equipped with anti-virus software, as opposed to just 75% of regular workers.
• The largest area of concern is the “unofficial teleworker”. The “unofficial teleworker” is an in-office employee who will take home work on nights or weekends. Of this third category of workers, 54% of workers carry files home, and 63% percent are using their own computers. This creates an uncontrolled environment in which agency data is being accessed. The study recommends that agencies train these “unofficial teleworkers” as though they were teleworkers. Only by ensuring that these employees know how to handle data outside of their office environment, and by making sure all computers are protected and data is encrypted, can we be confident that another incident like the VA laptop scandal be avoided.
