having worked for the US gvt, though not in legislature or dept of state, PIV cards were always required to access a gvt machine, and leaving your PIV inserted while absent from the room was, in theory, a serious offense.
Are congress critters and others not required to use ID cards when accessing gvt networks?
Different agencies have different IT systems at the federal level. The PIV cards used by the DOD and some other departments are not universal within the executive branch, and the legislative and judicial branches manage their own IT systems (sometimes still managing it locally rather than having any kind of centralized system). Government IT is very much a set of feudal territories still and many of them are not well or consistently managed.
The rules for the executive branch are fairly rigorous. The legislative branch, not so much. There's a huge difference in scale: the executive branch employs some 4 million folks, the legislative branch just 35K.
Just the picture of Pelosi's desktop indicates there's no automatic screenlock, which is a fairly low bar as controls go.
My understanding is that each legislator is like an independent client and is able to run basically whatever IT they want as far as the unclassified (yet still sensitive of course) stuff goes. Given that, I'm betting the shared IT group is basically just recommending best practices and hoping people are listening.
having worked for the US gvt, though not in legislature or dept of state, PIV cards were always required to access a gvt machine, and leaving your PIV inserted while absent from the room was, in theory, a serious offense.
Are congress critters and others not required to use ID cards when accessing gvt networks?