telework.gov

This page can be found on the web at the following url:
http://www.telework.gov/policies_and_procedures/telework_security/index.aspx

Skip top navigation Skip side navigation

Security *

As in the main office, security measures should cover not only information systems and technology, but all aspects of the information systems used by the employee, including paper files, other media, storage devices, and telecommunications equipment (e.g., laptops, PDAs, and cell phones). Employees who telework from home need to keep government property and information safe, secure, and separated from their personal property and information.

 

Telework Security Guidance

SP 800-46 Revision 1, "Guide to Enterprise Telework and Remote Access Security"Adobe Acrobat Version, has been published as final. SP 800-46 Revision 1 is intended to help organizations understand and mitigate the risks associated with the technologies they use for telework. The guide emphasizes the importance of securing sensitive information stored on telework devices and transmitted across external networks, and it also provides recommendations for selecting, implementing, and maintaining the necessary security controls. Draft SP 800-46 Revision 1 is a comprehensive update to the original SP 800-46, which was published in 2002.

Top of Page

 

Manager Security Responsibilities

  • Thoroughly review all telework agreements to ensure they are in compliance with agency information security policies.
  • Ensure employees receive agency information systems security training.
  • Work with employees to ensure they fully understand and have the technical expertise to comply with agency requirements.
  • Invest in technology and equipment that can support success.
  • Work with employees to develop secure systems for potentially sensitive documents and other materials.
  • Track removal and return of potentially sensitive materials, such as personnel records.
  • Enforce personal privacy requirements for records.

Top of Page

 

Teleworker Security Responsibilities

  • Participate in agency information systems security training.
  • Achieve sufficient technical proficiency to implement the required measures.
  • Provide a high level of security to any personal or private information accessed at the telework site or transported between locations.
  • Remain sensitive to individual rights to personal privacy.
  • Comply with agency policies and with any additional requirements spelled out in the telework agreement.

Top of Page

* Adapted from Telework Guide Adobe Acrobat Version [861 KB]