The Many Risks of Unexpected Remote Work for Government Agencies

Many agency employees are working remotely for the first time this week.  It wasn’t by choice, of course; they have been left with little choice as mayors, governors and the President have issued requests and demands that people not congregate in large buildings unless it’s critical – and in many states, that means only grocery stores, hospitals and pharmacies.

Thanks to a uniquely terrible situation in this country, we’re going to learn much about the inherent risks of existing agency processes.  Some of the most painful lessons will be learned in the area of technology.  Here are a few examples that have already popped up.

  • — The VA is forcing administrative staff to report to the VA even as viral spread spirals to dangerous levels, making it much more likely that it will spread through the hospital system.  The reason?  Their servers can’t handle the load of so much telework, and they’re saving available bandwidth for healthcare providers.

  • — Because agencies didn’t have time to plan for this massive move to remote work in advance, processes aren’t in place to ensure security.  CNN reports that that the Air Force has simultaneous VPN support for fewer than one third of the employees that work for them.

  • — The best defense against cyberattacks such as phishing emails is for a well-trained human to determine if the email looks “normal”.  But most emails don’t look normal right now – things that used to be handled in person are now being handled electronically.  This presents an opportunity for cyberfraud to become more pervasive, as outlined by the CISA.  If remote workers aren’t using two-factor authentication, it’s also more likely that infiltrators can more successfully use stolen credentials to log on remotely themselves without it being quickly noticed.

Of course, these aren’t just threats for the agencies being overseen by investigative bodies.  If your investigators are working remotely much more than typical during this time, then your team is susceptible to these same threats.  Investigative groups have to protect themselves today against the same novel threats they’ll soon be evaluating in the agencies they oversee.  While these lessons may help to reduce future risk, that’s little solace for those facing them today.

To learn how CMTS can help your investigative agency
close cases more efficiently, call us at 855-667-8877 or email us at Team_CMTS@securecasemanagement.com.