Post-pandemic telework infrastructure
With a year of telework experience and the prospect of hybrid remote-office operations on the horizon, IT leaders are drafting plans for long-term secure access and more effective collaboration.
CIO, National Transportation Safety Board
CTO, Global Talent Management, Human Resources Executive Branch, Department of State
Trusted Internet Connections Program Manager and Senior Cybersecurity Architect, Cybersecurity and Infrastructure Security Agency
Telecommunications Branch Chief, Defense Information Systems Agency
Senior Technical Advisor, Department of Transportation
Portfolio Manager, CDM DEFEND, CISA
Deputy CIO for Operations, Internal Revenue Service
Juniper Fellow, Juniper Networks
CIO, Export-Import Bank of the United States
CTO, 128 Technology, Juniper Networks
Note: FCW Editor-in-Chief Troy K. Schneider led the roundtable discussion. The April 13 gathering was underwritten by Juniper Networks' 128 Technology, but both the substance of the discussion and the recap on these pages are strictly editorial products. Neither the sponsor nor any of the roundtable participants had input beyond their April 13 comments.
A group of federal IT leaders recently gathered to explore approaches to IT infrastructure challenges. The discussion was on the record but not for individual attribution (see sidebar for the full list of participants), and the quotes have been edited for length and clarity. Here's what the group had to say.
A full 12 months into maximum telework when the mission allows, the participants agreed that structuring most systems to be location-agnostic was no longer the issue and that a solid foundation was in place.
One surprisingly persistent question participants wrestled with was how much hardware to provide for remote workspaces. "It's really fine-tuning what telework means, not only from the standpoint of does your position allow you to work full-time from home but then what are the additional tools that you need?" one official asked.
Employees at that agency have been given headsets, "and they've also been able to go to the office and take their wireless keyboard and mouse home and things like that," a participant said. "But when you look at the private sector, they've been giving stipends and providing funding to build your own office."
Agencies have provided computers and mobile devices, but employees are increasingly asking for "the same things they had in the office," one participant said. "They started saying things like 'I want three monitors to plug in at home,' or 'How about an office chair?' So we've been dealing with policy stuff and trying to formulate what we should be providing and what we should not."
No telework without telecom
Another unresolved challenge is secure and sufficient connectivity. "The only pain point we had when we had everybody go remote was the bandwidth," one official said. "Because of the Trusted Internet Connections program, everybody had to go to our cloud through our trusted internet connection. And we had to really scale it up."
That experience was not uncommon, another official confirmed, adding that "some agencies were waiting on the TIC remote-user use case to be released for the acquisition process to start."
With the increased importance of videoconferencing and real-time document sharing, another said, "we need to drive forward to Class 5 routing. If you're really going to want to have some people audio, some people video and assemble the workforce on multiple security planes, maybe direct dialing is one of the aspects we really need to get to empower the workforce. It's one of the deficiencies that we're trying to prioritize."
"You can't have telework without a focus on telecom," another official said. "And the federal space especially has allowed itself to be almost in vendor lock with small office building-based solutions that CIOs traditionally have a very hard time federating across the physical space and virtual space. I think it's time the federal government starts to follow the commercial example for centralized carrier-based telecom solutions and away from these small office PBX exchanges. It's about 10 years behind the interoperability and open standards of the transport layer. It's long overdue."
"The workforce has shifted from inside-the-building-out to outside-the-building-in, and we spent decades hardening the building and compartmentalizing all our information," another official said. "As you start to merge the application layer, there are strict prohibitions to video, for example. And as we collapse the edge, we're finding a lot of incompatibility, and we're excluding our workforce. So our roadmap is to really focus on what's an inside-the-building versus an outside-the-building mission and try to enable those efforts."
There are also specific processes, such as digital signatures, that continue to cause friction. "We have a remote desktop that you can log into and do digital signatures," one participant said. "We can't do digital signatures virtually, and that's been a big problem, especially if you're an executive where you're signing official documents. I'm constantly logging in through a Citrix connection to access local resources to do digital signing of documents and things like that." The tension between security and productivity is still there, so "how do you adjust your workflows to accommodate that?"
To move away from such local-network approaches and still ensure security, the group agreed that agencies need a more data- and identity-centric approach to security. "You need to make sure that you have extreme logging for all the tools that you're using," one official said, "and all your applications should have granular access controls."
The Cybersecurity and Infrastructure Security Agency is taking steps to help deliver the necessary data, other participants said. A key focus is the Cloud Log Aggregation Warehouse. CISA is "moving its sensors closer to the edge to recognize what's going on in an agency's environment — closer to where the agency's cloud environments are," one official said. "This is us distributing our systems to help the agencies as they move forward."
Several said the emphasis now is on supporting better collaboration among far-flung team members.
"If you begin with the assumption that there's more work that's going to be done remotely," one official said, "the other piece of the roadmap that we're looking at a lot more carefully is how collaboration occurs — particularly if you're assuming that there's always going to be a remote presence in that collaboration."
Another raised the "pedestrian" but important question of "how do we equip our conference rooms on site to allow people who are working remotely to feel part of the meeting, to feel totally engaged? It seems pretty straightforward, but we're finding that it's not. It's actually going to be quite expensive."
A third participant said hybrid collaboration "also affects document management strategies, including workflow and a lot of interactions that with a physical presence are handled one way but require a technology approach that's a little bit different when you have that remote assumption."
Although several participants said their organizations' adoption of Microsoft Office 365, Teams and other platforms had proved invaluable, the human habits were still a work in progress. "How you engage with the tools and how you behave in a collaborative context can have a big knock-on effect on how your colleagues experience the collaboration," one noted. "If we don't pay attention to behaviors, oftentimes we can be very suboptimal with the use of the tool. So another thing we're thinking about is a lot more outreach and proactive evangelism about how we want to see people interact with the technology."
Finally, the group agreed, the variety of platforms being used continues to pose challenges. "Our entire environment in our building is locked down," one official said. "So it's been quite challenging when people pop up and say, 'Oh, here's the Zoom meeting. Here's a this meeting. Here's a that meeting.' If you're on site — in some cases we do have a lot of on-site presence — we couldn't even participate in some of these collaborations."
In the end, several executives said, many employees prefer this post-office model, and a satisfied workforce is more productive. "We've been doing more work than we ever have, and everybody's happy," one said. "So I think that's going to stay. I'm wrestling with it, and I have the luxury that my leadership has said that I can determine my telework posture as an IT organization."
A longer version of this article was first posted to FCW, a sibling site to GCN.