House takes steps to boost cybersecurity

By Paul Kane
Washington Post Staff writer
Wednesday, December 16, 2009

House leaders have asked the chamber's security officials to implement a new cybersecurity training regimen for aides and take additional measures to protect sensitive information from potential hackers.

After a six-week review prompted by The Washington Post's disclosure of the ethics committee's secretive deliberations, Daniel P. Beard, the House's chief administrative officer, recommended technology security updates that focused mostly on making staff aware of the security risks on the Internet.

"Changes in security policies will make it clear that all sensitive House information will remain on House equipment at all times, it will be encrypted when stored on mobile devices and must not be transmitted on any public access system," Beard wrote in a letter to House Speaker Nancy Pelosi (D-Calif.) and Minority Leader John A. Boehner (R-Ohio).

Beard undertook the review after a junior staffer took home a sensitive computer file that included a document naming every member of Congress the panel was investigating and updating most of the nearly three dozen investigations. In many cases, the lawmaker's ethics troubles had not been revealed publicly.

The staffer placed the file on a home computer on which she had downloaded peer-to-peer file-sharing software, commonly used by people who want to share music and other digital files. The Post obtained the file from a source who had no connection to Congress or any matter before the ethics committee.

In addition to new training, Beard will force the House's internal wireless Internet service to be password-protected. Employees traveling outside the United States will have their government-issued wireless devices checked by House security before and after their trips.

© 2009 The Washington Post Company