Popular collaboration tools such as Microsoft Teams, Zoom, Slack and Google may be required to implement end-to-end encryption and interoperability if used by US federal agencies.
Legislation put forward by US Senator Ron Wyden, titled the Secure and Interoperable Government Collaboration Technology Act, aims to improve the security of such tools after a number of high-profile recent incidents.
Federal agencies do not appear to use any standard collaboration tools between them, making it imperative that when interagency communications occur, they must be completely secure.
Communication is key
If the bill were signed into law – which would most likely happen in 2025 due to the upcoming elections – it would require every collaborative tool used by federal agencies to be reviewed by the National Institute of Standards and Technology (NIST) to understand how they can work together. work together safely.
Email accounts linked to various agencies have been cracked by Russian hackers who exploited a series of vulnerabilities linked to Microsoft corporate email accounts, and other government agencies have succumbed to a cascade of Ivanti VPN vulnerabilities that have resulted in data exfiltration and persistent system access that affects businesses and government. departments alike.
Wyden said of the proposal: “My bill will secure U.S. government communications from foreign hackers while protecting taxpayers’ wallets. Supplier lock-in, bundling and other anti-competitive practices cause the government to spend large amounts of money on insecure software.”
“It’s time to break the stranglehold of big tech companies like Microsoft on government software, set high standards for cybersecurity, and reap the many benefits of a competitive marketplace,” he concluded.
Once the law is signed, federal agencies would have up to four years to ensure their collaboration software meets NIST standards and requirements. a step in the right direction.
Through The register