Agency-approved messaging services adjust to crush of federal telework
As the tsunami of teleworking federal employees strains government networks, messaging platforms are seeing a spike in interest for their use, companies told FedScoop.
Connecting federal employees for meetings is an important slice of the IT capacity that the government now needs as it races to replace person-to-person interactions with online communications. Google G Suite, Slack, Zoom and Cisco’s Webex Meetings and its Secure Cloud for Defense are some of the software-as-a-service applications approved by the Federal Risk and Authorization Management Program (FedRAMP) and for agency use.
Tools like Webex, which allows video and audio interactions, are replacing conference rooms, with many new federal customers being added to the company’s growing list of clients, Carl De Groote, head of Cisco’s federal division, told FedScoop on Thursday.
The messaging platform Wickr is also “ramping up” its rollout of secure enterprise communications services to the government, CEO Joel Wallenstrom told FedScoop. The Silicon Valley company is working to add hundreds of thousands of new users to its system in the next few weeks, scaling up a timeline that originally had a few thousand over the next few months. Wickr does not have its own FedRAMP approval, but stores data on secure Amazon Web Services servers that do.
FedRAMP has 177 approved cloud services providers — a list that employees who are teleworking can use to find secure messaging platforms, Robin Carnahan, former director of state and local practice at 18F, during a virtual Code for America summit March 12.
“It really is an easy way to prove to your leadership team that these things are well-vetted and approved and aren’t going to cause big security problems,” Carnahan said.
Agencies know they need more IT capabilities to meet the demand that may remain at “maximum telework” for weeks or months due to the novel coronavirus pandemic. Tuesday the Office of Management and Budget requested more than $45 billion for supplemental funding, tens of millions of which could go to boosting IT for telework. The appropriations are expected to be added to a massive economic stimulus bill that Congress is writing in response to the pandemic, aides told CNN.
Some of the groundwork was already in place for teleworking as the government had practiced remote work before. Some units in the government, like the General Services Administration’s 18F organization, use Slack as a primary means of communication since most of its employees work remotely across the country.
Cisco’s Webex platform was already used in several agencies like the Department of Health and Human Services, Food and Drug Administration, NASA and the Department of Homeland Security, according to FedRAMP’s website.
“We are really extending our capabilities and helping the government scale,” De Groote said.
Keeping security in mind
De Groote said Cisco is also receiving added interest in services like virtual private networks (VPNs), multi-factor authentication and having zero-trust protections in place.
“The perimeter disappears as workers go mobile,” De Groote said of having zero-trust procedures in place, which require authentication at every layer of security instead of a once-and-done login system.
Some of the government’s procedural and security steps will impede the rapid acquisition of some new technology, but those steps will hopefully keep security primary as the potential attack surface expands, said Wickr’sWallenstrom.
The increased interest his company has received from the government would not have been able to translate to action without the relationships his company has with organizations like the Defense Innovation Unit. Their ability to scale up fast is also supported by prime contractors like General Dynamics Information Technology that provides a “really good partnership,” Wallenstrom added.
Security in collaboration technologies themselves is important, but so is the security consciousness of the people using it, Jason Yakencheck, the president of the technology trade association ISACA’s local DC chapter, said in a statement.
“Bad actors view the crisis as an opportunity to take advantage of fears or unfamiliar teleworking conditions to spread malware or steal sensitive information,” Yakencheck said. The National Institute for Standards and Technology also published a reminder of telework cybersecurity guidelines this week.