The committee also passed bills to shore up supply chain cybersecurity and codify DHS’ CDM and cyber incident response programs.
Federal agencies would be able to override union objections to block employees from using personal email accounts or Facebook on work computers under a bill the Senate Homeland Security Committee forwarded Wednesday.
The bill, sponsored by Committee Chairman Ron Johnson, R-Wisc., would give agencies authority to block websites if there’s a pressing cybersecurity need.
The Federal Information Systems Safeguards Act, which is less than 250 words, passed on a voice vote. Though senators did not individually record their votes, several voted against the measure.
Johnson was the only senator who spoke directly about the bill, saying: “It’s a good piece of legislation. I think it’s necessary.”
A similar bill passed the House Oversight Committee in July.
The American Federation of Government Employees, a major federal employee union, put out a statement opposing the House bill, saying it “does not increase federal IT security” and “would take collective bargaining rights away from employees when it comes to IT.”
The bills were spawned, in part, by a 2014 ruling by the Federal Labor Relations Authority, which found Immigration and Customs Enforcement could not unilaterally block employees’ access to personal email on government computer networks without first consulting with the employees’ union.
House Democrats argued the bill would grant agency leaders too much power to make arbitrary decisions about acceptable websites for employees to visit and would make it tougher for employees’ families to contact them in emergencies or to plan schedule changes in childcare and after-school activities.
Securing Supply Chains
Another bill forwarded by the Senate committee Wednesday would establish an interagency council to establish rules that boost the cybersecurity of government supply chains.
The Federal Acquisition Supply Chain Security Act, sponsored by committee ranking member Claire McCaskill, D-Mo., and Sen. James Lankford, R-Okla., comes after Congress passed standalone provisions to ban products from the Russian software maker Kaspersky and the Chinese telecoms Huawei and ZTE.
The Homeland Security Department is also pressing an administration proposal that would give it broad authority to ban questionable software throughout the civilian government.
McCaskill said during the hearing that the Kaspersky ban was a “wakeup call for our government.”
Another bill would make it easier for government employees with cyber skills to do short-term rotations in other agencies.