Some of DOD's telework changes could be permanent
- By Lauren C. Williams
- Apr 15, 2020
A new emphasis on telework at the Defense Department in response to the COVID-19 pandemic could change work culture at the Pentagon, officials said.
DOD rolled out the CVR or Commercial Virtual Remote environment to handle the deluge of teleworkers March 27. It now has 900,000 user accounts with 250,000 added in a single day, officials said at an April 13 briefing. CVR is a collaboration suite based on Microsoft Teams that enables video, voice and text communications.
"The department has always been telework-ready long before the pandemic," DOD CIO Dana Deasy said, but noted full-time telework was the exception and not the rule, so that a lot of education about tools and best practices was needed.
"There will be some permanency to what we have here. Specifically, I think more on the network side, and we will also have to create a base of teleworking equipment that we'll be able to, in some cases, reuse for other purposes," Deasy said. "There is going to be an enhanced teleworking capability that will be sustained at the end of COVID-19," he added.
About 2,000 DOD personnel have gotten additional devices, officials said, with virtual internet service provider connections increasing 30%. Call capacity in the Pentagon has increased 50% and the Defense Information Systems Agency has increased end point capability three-fold.
The Navy's telework capacity has exploded with 65,000 new telework users on mobile and desktops. The Navy's telework capacity grew 150% to 250,000 workers due to COVID-19 measures, and there are additional plans to bring the total to 500,000 remote workers. The Marines increased their virtual private network capacity to 60,000 simultaneous workers, up about 80%.
This activity is creating a surge of data, and it's still unclear what happens to CVR information after the crisis.
"We recognize that a lot of data is being created, it's going onto an unclassified environment," DOD CIO Dana Deasy said, in response to a question about how CVR data will be treated after the COVID-19 crisis is over. "We are looking at options on how do we take this data and preserve it and-or port it into other collaboration environments, going forward. That decision has not been taken, but I would also not pre-conclude that we've taken the decision the data will just be flat-out destroyed."
Cybersecurity concerns, and the increased data risk, have risen in tandem with teleworking and is compounded by DOD not implementing all of its cyber hygiene initiatives.
Air Force Lt. Gen. Bradford Shwedo, Joint Staff CIO, said DOD has seen a "surge of spearphishing related to COVID-19" across the organization.
Essye Miller, DOD's principal deputy CIO, first noted the uptick in cyberattacks in March when the department began encouraging mass telework, discouraging personnel from using streaming services on DOD's network and encouraging better cyber hygiene practices.
A Government Accountability Office report released April 13 found that DOD has fallen short when it comes implementing proper cyber hygiene methods across the organization.
The GAO said DOD had not fully implemented cyber training briefings for DOD leadership or developed educational and training requirements for cyber workers. Additionally, a component of Cyber Command charged with network operations, the Joint Force Headquarters Department of Defense Information Network, hadn't developed a plan for scheduled and unannounced cybersecurity inspections, according to the report.
In a letter responding to the report, Deasy said DOD would combine existing scorecards to improve data needed for senior leadership's decision making, but that it was not possible to eliminate risk.
"Risk is a function of multiple variables and these variables are continually evolving," Deasy wrote to GAO. "Timely, relevant, and correlated information is the best that can be expected."
This article first appeared on FCW, a partner site with Defense Systems.
Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.
Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.
Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.
Click here for previous articles by Wiliams.