Security and interoperability on the cards for US government use of Zoom, Slack and Teams

USA Stars and Stripes flag made of Computer Code
(Image credit: Getty Images)

Popular collaboration tools such as Microsoft Teams, Zoom, Slack and Google may be required to implement end-to-end encryption and interoperability if used by US federal agencies.

Legislation put forward by US Senator Ron Wyden, titled as the Secure and Interoperable Government Collaboration Technology Act is looking to boost security for such tools following a number of high-profile recent incidents.

Federal agencies don’t seem to use a single standard collaboration tool between them, making it necessary that when inter-agency communication does happen, it should be fully secure.

Communication is key

If written into law - which would most likely happen in 2025 due to the upcoming elections - the bill would require each collaboration tool used by federal agencies to be assessed by the National Institute of Standards and Technology (NIST) in order to understand how they can interoperate securely.

Email accounts linked to several agencies have been cracked by Russian hackers exploiting a chain of vulnerabilities linked to Microsoft corporate email accounts, and other government agencies have succumbed to a cascade of Ivanti VPN vulnerabilities that resulted in data exfiltration and persistent system access affecting businesses and government departments alike.

Speaking on the proposal, Wyden said, “My bill will secure the US government's communications from foreign hackers, while protecting taxpayer wallets. Vendor lock-in, bundling, and other anticompetitive practices result in the government spending vast sums of money on insecure software.”

“It's time to break the chokehold of big tech companies like Microsoft on government software, set high cybersecurity standards and reap the many benefits of a competitive market,” he concluded.

Once signed into law, federal agencies would have up to four years to ensure their collaboration software meets the standards and requirements set by NIST, so while it isn’t an immediate fix to some of the security issues the federal government is experiencing, it's certainly a step in the right direction.

Via The Register

More from TechRadar Pro

TOPICS
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.