Army medallion. Patrish Jackson. Shutterstock ID: 1570671799

Cyber

Army rolls back IoT restrictions for teleworkers

The Army has rescinded its policy restricting internet of things devices, such as smart TVs and smart watches, from telework spaces to prevent data leaks.

The Army announced the policy, which targeted internet-connected devices, was intended to "mitigate data leakage of official government information" and outline conditions so that Army personnel can "protect and safeguard DOD information" and systems, in a now deleted Twitter post linking to a memo dated May 25.

Jason Waggoner, an Army spokesperson, told FCW via email the "memo was removed" and "the policy is not in effect and additional staffing actions are required."

The short-lived policy comes as lawmakers push for increased cybersecurity on government networks and systems amid large-scale intrusions, such as those on SolarWinds and Microsoft Exchange servers. Leaders from the House Committee on Oversight and Reform have requested the Defense Department's inspector general (and other watchdogs across government) conduct a cyber vulnerabilities assessment with a specific focus on whether "use of remote-access software to facilitate telework during the coronavirus pandemic, and whether an such vulnerabilities were effectively mitigated," according to a June 2 letter signed by Chair Carolyn Maloney, and subcommittee chairs Reps. Stephen Lynch (D-Mass.), Gerald Connolly (D-Va.), Raja Krishnamoorthi (D-Ill.), Jamie Raskin (D-Md.), and Ro Khanna (D-Calif.).

The letter comes as maximum telework policies put in place to respond to the COVID-19 pandemic morph into an enduring norm for government workers even as local restrictions are lifted amid increased vaccine rates and fewer deadly infections.

The assessment, which would be part of the annual requirement per the Federal Information Security Modernization Act of 2014, would also take a look at virtual private networks, the security of collaboration capabilities such as Cisco Webex, Slack, Zoom, and Microsoft Teams.

The Defense Department is currently rolling out a permanent version of the Commercial Virtual Remote environment -- the organization's own version of Microsoft Teams installed at the start of the pandemic in 2020.

It's not clear if the Army is planning to revise the crackdown on smart devices in telework spaces. The issue is likely to reemerge if the military services continue to offer large-scale telework even after pandemic restrictions are lifted.

This article first appeared on FCW, a Defense Systems sibling publication.

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


Defense Systems Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.