This bill amends various sections of the Idaho Code to enhance cybersecurity measures within state government. Key provisions include the requirement for the Office of Information Technology Services to implement cybersecurity best practices and to mandate the use of multifactor identification for accessing information technology devices and services across all state agencies. The bill also updates the definitions related to information technology and multifactor identification, clarifying the types of credentials that can be used for authentication.

Additionally, the bill introduces a new section that specifically mandates the legislative and judicial branches, as well as elected constitutional officers, to adopt multifactor identification protocols. This requirement aims to bolster security for accessing sensitive information and technology systems. The bill declares an emergency, establishing an effective date of July 1, 2025, for these changes to take effect.

Statutes affected:
Bill Text: 67-827A, 67-831