United States: Senators Revive a Legislation To Strengthen Federal Data Center Security

As institutions continue to consolidate their information repositories, a bipartisan group of senators has proposed legislation to strengthen government data centers' physical and electronic security against various threats. The Office of Management and Budget would be required to work with governmental departments to establish minimum prerequisites for new federal data centers that satisfy high standards for information security, resiliency, availability, and sustainability under the Federal Data Center Enhancement Act, which was introduced on March 22 by Senators Jacky Rosen, D-Nev., Gary Peters, D-Mich., and John Cornyn, R-Texas. The bill states that these minimum requirements cover, among other things, information security safeguards, safeguards against power outages, physical encroachments, and natural disasters standards relating to data center uptime percentages, or the percentage of time a data center is guaranteed to be accessible each year. 

All three senators originally submitted the same measure in July 2022. The Senate Homeland Security and Governmental Affairs Committee, which Peters leads, approved the measure, but the entire Senate did not vote on it before the 117th Congress came to an end. The Federal Data Center Consolidation Project, which started in 2010, and the Federal Information Technology Acquisition Reform Act, passed in 2014, successfully relieved the number of federal data centers, and the new law aims to build on that accomplishment. The senators claimed in a joint press statement last year that since 2010, more than 6,000 government data centers had been consolidated, resulting in savings and cost avoidance of $5.8 billion. The government now has to concentrate on protecting the remaining data centers, according to the bill's proponents, given the effectiveness of these efforts at consolidation and streamlining.