According to a U.S. Army spokesperson, the military branch has rescinded a policy that restricted Internet of Things (IoT) devices from telework environments to prevent data leaks and protect the privacy of critical unclassified information, personally identifiable information, and operational data.
Army spokesman Jason Waggoner confirmed to MeriTalk that the “memo was removed for further staffing.”
The short-lived policy, titled “Cybersecurity Requirements for Teleworkers in the Vicinity of Smart Internet?of Things?Applications?and?Devices,” was announced on May 20 in a memo. The policy “defines IoT devices as a network of items or applications that connect to the internet and emanate from several different technologies” and mandated that all Army personnel teleworking remove or turn off all IoT devices in their workspaces.
These devices include household items, including: Bluetooth wireless devices, speakers, home routers, smart home devices, kitchen appliances, and fitness trackers, among others.
“As a result of the pandemic, we saw a drastic expansion of our digital ecosystem which introduced new cybersecurity risks. So, we’re elevating and expanding our protocols to make telework offices more secure for our current and future digital Army workforce,” Army CIO Dr. Raj Iyer said at the time.
According to Army, the average home may have up to 70 IoT devices and can “pose a great threat to security, in your home and at the national level.”