According to Govexec.com, the department has also limited access to its offsite server at one of its three major divisions.
Failure to comply with the directive could warrant administrative, civil or criminal penalties, VA Secretary James Nicholson said Thursday at committee hearing, the Web site reported.
The 35,000 employees that now have access to the department’s offsite private network server will no longer have access to it from personal computers, Govexec.com reported. The new policy will also force those with laptops to return them to the agency every 30 days for security screenings.
Another security directive on June 6 aimed at tightening security bars employees from removing claim files from their offices to work on at outside locations.
The clamp down on security was brought on after a long-time employee who was not authorized to use the network had taken data to his home in Maryland on his personal computer. On May 3, the computer and an external hard drive containing the personal information of 26.5 million people was stolen when someone broke into his home.
The security breach expanded this week to affect the records of 2.2 million military personnel in addition to all of the country’s veterans, prompting Nicholson say “We remain hopeful that this was a common theft, and that no use will be made the VA data,” Govexec.com reported.