Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Federal Career Planning and Development

Are you looking to get promoted?
Maybe a change in your federal career?
Need tips on resume writing to land a federal job?
Or how to increase your salary or get a pay raise?

Join this active discussion with others climbing the same challenging career ladder.

Consider ordering some helpful resources or read today's top news stories on federal employee pay, benefits, retirement, job rights and other workplace issues by visiting FederalDaily.com.

Options
Go to last post Go to first unread
cobolt  
#1 Posted : Tuesday, June 04, 2019 4:07:21 AM(UTC)
cobolt

Rank: Newbie

Groups: Registered
Joined: 7/23/2015(UTC)
Posts: 7

I currently work for DOD and have been extended a tentative offer from another agency. They sent me a link to upload my OF-306. The link required a password, which was not provided and there was no other way for me to access/activate this link. When I asked HR what should go in the field or how to log in, the rep told me "We don't use that link anymore. Just go ahead and email the form to me." I'm not even sure why you'd send a link you no longer use. At the time, I was communicating with the rep via a non-government email account. I told the HR rep that since there is PII (SSN, DOB etc) in the OF-306, I would send it via government, encrypted email from my work account. The HR rep told me that he had no way of sending/receiving encrypted email and that I should just go ahead and password protect the document and send the password in a separate email. I should add that both HR reps from this agency have been contractors. I don't know if they have actual GS-type HR people, but even contractors should have encrypted email, so I would think this may be an agency issue. Not sure.

This whole thing just seems off to me. Although not ideal, encrypted email is a way better method in emailing PII end-to-end communications than a password protected document. This safeguard and protection level continually gets pounded into our heads during annual cyber awareness training. I have a hard time believing an agency's HR has no means of handling this other than password protecting a document, which is not secure via transmission. Maybe it's okay for passing around the office, but not for this. Every time I've accepted another position, there was always a means the agency had to deal with this, if not encrypted email then some sort of https platform, link, etc.

Is this normal? Should I be concerned? How to proceed?
DaVinci95  
#2 Posted : Tuesday, June 04, 2019 4:34:19 AM(UTC)
DaVinci95

Rank: Senior Member

Groups: Registered
Joined: 5/4/2014(UTC)
Posts: 250
United States

Thanks: 5 times
Was thanked: 59 time(s) in 58 post(s)
When I worked in Japan it seemed our ability to receive encrypted email changed with the weather. It would not surprise me to find an office that couldn't receive it. If you are uncomfortable with password protecting the document, you could send it by a secure file exchange server, like AMRDEC.
cobolt  
#3 Posted : Tuesday, June 04, 2019 4:45:15 AM(UTC)
cobolt

Rank: Newbie

Groups: Registered
Joined: 7/23/2015(UTC)
Posts: 7

But isn't AMERDEC only DOD-Army specific? I don't believe agencies outside of DOD can use it. The agency should have some sort of secure file sharing platform to accommodate this situation. The onus shouldn't be on the candidate to figure this out.
FatHappyCat  
#4 Posted : Tuesday, June 04, 2019 5:51:07 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 1/9/2011(UTC)
Posts: 699

Thanks: 3 times
Was thanked: 105 time(s) in 91 post(s)
Sending encrypted emails requires a trusted pairing between the two users which is why it's impossible to send encrypted emails between first contacts. I've never been able to send out an encrypted email to anyone outside DoD when I was in DoD.

AMDREC is actually not authorized for the sending of encrypted email. And, yes, sending password via 2 emails is not the preferred method it is still an authorized method considering the alternative. Be lucky they're even giving you this option. They could have very much said that if you didn't like what was presented, to just snail mail them the information and delay the process for weeks.
cobolt  
#5 Posted : Tuesday, June 04, 2019 7:10:06 AM(UTC)
cobolt

Rank: Newbie

Groups: Registered
Joined: 7/23/2015(UTC)
Posts: 7

AMRDEC is intended to safely and securely exchange files. So although you're not emailing through it, it is a secure, or supposedly so, file exchange.

"Be lucky" I'm being offered this option does nothing for security, either for my PII, which has been compromised by the govt already, or for the numerous data breeches we have in the fed service.

So I guess I should conclude this is normal ops and either deal with it or get off the train?
rbr  
#6 Posted : Tuesday, June 04, 2019 7:39:21 AM(UTC)
rbr

Rank: Senior Member

Groups: Registered
Joined: 2/2/2018(UTC)
Posts: 285

Thanks: 13 times
Was thanked: 34 time(s) in 31 post(s)
Originally Posted by: cobolt Go to Quoted Post
AMRDEC is intended to safely and securely exchange files. So although you're not emailing through it, it is a secure, or supposedly so, file exchange.

"Be lucky" I'm being offered this option does nothing for security, either for my PII, which has been compromised by the govt already, or for the numerous data breeches we have in the fed service.

So I guess I should conclude this is normal ops and either deal with it or get off the train?


The federal government isn't Burger King where you can always have it your way. Like the posts before said, if you are so concerned about your information being compromised through email then fill out the forms via hardcopy and send it to the HR contact via FedEx.

Not sure if you've had any exchanges with the HR people about this issue, but if you come at them like you are on here I guarantee that you will be making another post in two months wondering why you haven't been given a start date for that position
RVRGRL  
#7 Posted : Tuesday, June 04, 2019 8:19:17 AM(UTC)
RVRGRL

Rank: Groupie

Groups: Registered
Joined: 4/26/2018(UTC)
Posts: 51
Location: Germany

Was thanked: 20 time(s) in 16 post(s)
I'm going to add in another AMRDEC vote. It is not Army specific. I used to use it a lot to transfer info to my contractors because the government computers always denied me sending data that included numbers to a non-gov emails. Also used it a lot when I was sending pages of reports with numbers to a State Agency! There wasn't even sensitive data on the reports, yet my gov computer would refuse to send it.

There's ways to flag it with Privacy Act that shouldn't interfere with someone (especially a contractor on a gov computer) opening it. You should know if they have a CAC card, since you have to decide whether to send it CAC enabled, or allow AMRDEC produced password.

Edited by user Tuesday, June 04, 2019 8:29:12 AM(UTC)  | Reason: Not specified

cobolt  
#8 Posted : Tuesday, June 04, 2019 8:27:16 AM(UTC)
cobolt

Rank: Newbie

Groups: Registered
Joined: 7/23/2015(UTC)
Posts: 7

Thanks RVRGRL! I'll look into the AMRDEC option. I thought it could only be used within DOD, but perhaps not.
DaVinci95  
#9 Posted : Tuesday, June 04, 2019 11:34:59 AM(UTC)
DaVinci95

Rank: Senior Member

Groups: Registered
Joined: 5/4/2014(UTC)
Posts: 250
United States

Thanks: 5 times
Was thanked: 59 time(s) in 58 post(s)
Originally Posted by: cobolt Go to Quoted Post
Thanks RVRGRL! I'll look into the AMRDEC option. I thought it could only be used within DOD, but perhaps not.


Anyone can use it (for official US Govt business) to send files to a .gov or .mil email address. CAC users can also send to .com or other addresses. No CAC required to retrieve files, unless you select that option.

Edited by user Tuesday, June 04, 2019 11:35:55 AM(UTC)  | Reason: Not specified

Rss Feed  Atom Feed
Users browsing this topic
Guest (2)
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.


This page was generated in 1.407 seconds.