Nancy Rainosek, chief information security officer for the state of Texas, explained how her office has been providing secure technical infrastructure to employees executing their duties in a hybrid work environment, during an August 17 event entitled Stuck in Neutral: How to Jumpstart Change in Government, hosted by GovLoop.
“For a while now we’ve expanded VPN [virtual private network] capabilities so government workers can at least connect from their home to the state’s network, when they’re working, and communicating with one another,” Rainosek said.
The larger move to hybrid work has pushed people to perform work not only on laptop computers issued by the state and connected to government servers and VPNs, but also has created a demand for the smart phone applications by state employees.
“We’ve always had a bring-your-own-device policy for phones, but not for computers, which is kind of interesting, because you can do a lot on a phone these days,” Rainosek said. “Because of that, we have purchased FedRAMP [The Federal Risk and Authorization Management Program]-approved application for phones, which is pretty cool.”
Rainosek also explained that one of the complexities of working in the state involves how the government is set up to manage technology and cybersecurity.
“Every government employee in Texas has to take a certified training program, a program that’s certified by my office,” she said. The program was strengthened “because we had very high compliance at the state level, but not so much at the local level,” Rainosek said. “Texas is very federated, so there’s not a lot of control at the local level.”