Guidance for Support of USGS Employees and Contractors using Government Computers at Private Residences and/or Privately Owned Computers to Perform Government Duties
In Reply Refer To:
Office of Information
Mail Stop 440
Sunset Date: January 2008
January 3, 2003
WATER RESOURCES DISCIPLINE POLICY MEMORANDUM NO. 2003.03
Subject: Guidance for Support of USGS Employees and Contractors
using Government Computers at Private Residences and/or
Privately Owned Computers to Perform Government Duties
The purpose of this memorandum is to provide guidance to cost-center
managers and computer support staff who support USGS employees and
contractors that use (1) Government computers at private residences and/or
(2) privately owned computers to perform Government duties. For purposes
of this memorandum, "privately owned computer" is defined as a computer
that is not owned by USGS. The terms "home computer" and "home" are used
interchangeably with "privately owned computer" and "private residence,"
respectively. In addition, it is important to understand that all
"appropriate use" policies of the USGS and Department of the Interior
apply to all Government computers at all times, regardless of where these
computers are used.
The subject issue has been driven by factors including the proliferation
of home computers and the growing capabilities of the "home computer
environment;" the desire of employees to perform work-related tasks during
evenings and weekends; the granting of Flexiplace privileges to employees;
and an increased use of mobile computing. Employees who use Government
computers at home or who use their privately owned computers to perform
Government duties often require assistance with computer configurations,
telecommunications, and a wide range of matters that constitute "computer
support" needs. Although hardware and software providers, Internet
service providers, and local computer service providers are suitable
sources for most home computer support needs, USGS employees often call
upon USGS computer support staff for assistance. The role and
responsibilities of employees/contractors who perform Government duties at
"home" and of USGS computer support staff in these situations is often
completely undefined. The issue is significant for reasons including the
possible lack of adequate and consistent support of home users performing
Government duties, the potential safety of USGS computer support staff
visiting private homes, and the probable over-commitment of computer
support staff, if roles and responsibilities are not clear.
The issue is complicated by interdependencies between hardware, software,
configuration settings, and telecommunication settings that can turn even
the simplest requests for home support into a complex series of problems
and actions. Conversely, security vulnerabilities of the home computer
can present unacceptable vulnerabilities to Government computers in the
office. The Information Technology Advisory Committee (ITAC) has reviewed
the procedures followed by various districts and has developed the
following guidance:
It is important for cost-center management to discuss the issue with
computer support staff and to decide upon a reasonable definition of what
to support—and what not to support—when it comes to use of Government
computers at private residences, as well as the use of privately owned
computers to perform Government duties. The following factors should be
considered in the decisionmaking process:
1. USGS Flexiplace policy regarding computers is available on-line,
and discusses responsibilities of the employee's supervisor and of the
employee. In addition to these requirements, it is acceptable to expect
the employee to apply vendor-recommended security patches to the operating
system and applications.
2. USGS Flexiplace policy regarding access to Privacy Act,
sensitive, proprietary, or classified data is available on-line, and
discusses responsibilities of the employee's supervisor and of the
employee.
3. Privately owned computers accessing Government computers through
the USGS VPN Service must be protected by at least a software firewall.
USGS license agreements are in place to provide antivirus and firewall
software to home computers at no additional cost. USGS policies and
requirements are defined at the USGS VPN Web site,
http://online.wr.usgs.gov/remoteaccess/vpn/
4. It is important for employees to understand that any work
performed on a privately owned computer on behalf of the Government is
property of the Government—including Government records stored on the
privately owned computer. If a privately owned computer is used to
perform Government duties, if software licensed to the Government is
installed on a privately owned computer, or if the Government pays for any
portion of the telecommunications service used to connect a privately
owned computer to Government computers, then the Government has the right
to perform security scans on the privately owned computer and to inspect
the privately owned computer. In addition, the privately owned computer
could be subpoenaed or subject to court ordered action.
5. It is possible that computer support staff may encounter illegal
software, storage of pornography, or evidence of criminal activity on a
privately owned computer. According to Department of the Interior and
USGS Ethics personnel, personal property—even if used for Government
work—is under no Government workplace regulations; private use of private
property is the owner's right of choice, and is not subject to Federal
workplace regulations. Likewise, there are no requirements for a Federal
employee to report such activities; however, as a citizen, a Federal
employee may certainly choose to report illegal activity to the
appropriate authorities. Encountering such material places the computer
support person in a very awkward position, particularly when working on a
home computer used by a number of family members. Before working on the
home computer, the computer support staff should discuss this issue with
the home computer owner and agree on what should be done if such material
is encountered.
6. It is also possible that computer support staff may accidentally
damage a privately owned computer when attempting to configure the
computer for Government work. In this scenario, liability might be at
question and should be addressed by management upfront. The Flexiplace
guidelines indicate "any repair or maintenance costs for employee-owned
equipment, are strictly the responsibility of the employee". Inversely,
computer support staff may properly configure a privately owned computer
for Government work, and later find that the computer was subsequently
mis-configured by the actions of a family member. If repeated problems
occur with a privately owned computer requiring attention by USGS computer
support staff, the employee may be provided a Government computer to be
used exclusively for Government duties and one that has the appropriate
security and configuration measures in place.
7. Cost-center management, cost-center supervisors, and the
computer site administrator should agree, up-front, to the constraints of
support to be provided:
a. Define which individuals are to receive this support service.
b. Define what privately owned hardware and software will be
supported, if any. Define the locations at which the support will
be provided. Approaches presently or potentially used by
districts to provide computer support services for computers used in
private residences are:
(1) Government computers used at private residences will
be supported only when brought into the office.
(2) Government computers used at private residences will
be supported when brought into the office and by making house calls.
(3) Government and privately owned computers used at
private residences will be supported only when brought into the office.
(4) Government and privately owned computers used at
private residences will be supported when brought into the office and
by making house calls.
Other support options include providing computer support to the employee
at home over the telephone or by remote connection.
Although it is possible to remotely administer a privately owned computer,
performance and security measures must be considered. With dial-up
connectivity slow bandwidth could potentially tie up the employees home
phone-line for hours, while updates take place. With always-on connections
such as DSL or cable modem care (i.e. firewall) should be taken to only
allow the remote administrator to connect. Only remote administration
software that provides encryption should be used, although, it usually has
a higher price tag.
The approach recommended by ITAC and endorsed by the Office of Information
is: USGS computer support staff should configure the computer for remote
access with all patches and security fixes installed and then maintain
updates to that computer while it is off site. If problems occur with the
computer that cannot be resolved remotely, the employee should take the
system (usually just the CPU) to USGS computer support staff for
servicing.
Sample District Policy documents are available at:
Recommended Policy for Dial-up (PPP or Point to Point Protocol)
Connections
http://wwwnwis.er.usgs.gov/cpac/minutes/021001PolicyOutlineforPPP.pdf
Policy and Procedures for VPN Service
http://wwwnwis.er.usgs.gov/cpac/minutes/021001VPNpolicy_procedures.pdf
/signed/
Katherine Lins
Acting Chief, Office of
Information
Distribution: District Chiefs
System Administrators
Copy To: WRD Senior Staff
Regional Hydrologists
Regional Computer Specialists
WRD Information Technology Advisory Committee
This memorandum does not supersede any previous WRD memorandum.
*********************************************
Katherine Lins
Acting Chief, Office of Information, WRD
U.S. Geological Survey
440 National Center
Reston, VA 20192
703-648-5014
**********************************************