9 Questions to Consider for Selecting and Safely Using Collaboration Services for Telework

by Department of Defense

Due to COVID19, many United States Government (USG) personnel have been forced to conduct operations remotely. The National Security Agency (NSA) has taken the necessary need for commercial collaboration services on personal devices; in order to continue some government official use. To equip personnel with the safest and most secure choices of commercial collaboration they have utilized scope and audience to identify criteria that qualifies if a company or device is appropriate for use.

  1. Does the service implement end-to-end encryption?
  2. Are strong, well-known, testable encryption standards (such as NIST-approved algorithms and current IETF secure protocol standards) used?
  3. Is multi-factor authentication (MFA) used to validate users’ identities?
  4. Can users see and control who connects to collaboration sessions?
  5. Does the service privacy policy allow the vendor to share data with third parties or affiliates?
  6. Do users have the ability to securely delete data from the service and its repositories as needed?
  7. Has the collaboration service’s source code been shared publicly?
  8. Has the service been reviewed or certified by a security-focused, nationally recognized government body?
  9. Is the service developed and/or hosted under the jurisdiction of a government with laws that could jeopardize USG official use? 

Read more about these criteria in depth by visiting the department of defense’s website.

Recommended Posts
Andres Ramos

WhiteHawk, as a Cyber Risk prioritization and mitigation online platform, is welcoming the transition to the Cybersecurity Maturity Model…

Malachi Walker

Brace yourselves; because CMMC is coming and the opportunities will not be far behind. 

Malachi Walker

5G is coming with the opportunity to connect more devices than ever before in faster time. But what does that mean for national security? Read…