One of the more intriguing tradeoffs with information security is green IT, says Robert Brammer, Northrop Grumman Information Systems vice president of advance technology.
"The first question they are going to ask the external provider is: 'What kind of procedures will you follow for physically securing the servers, for assuring the authenticity of the log-in, for security of the data during transit to and from your site?'" IBM's Dave McQueeney says.
The evolution of IT security requires human ingenuity. Machines are fast but dumb, yet using human brainpower can help reject quickly harmful traffic aimed to damage critical IT systems, says Phyllis Schneck, McAfee CTO/public sector.
The 90-page document defines common security and risk assessment requirements that qualified private contractors must meet to provide cloud computing services to federal agencies.
Cybersecurity is truly a bipartisan issue in Congress, but measures aimed at enhancing the protection of military IT systems fell victim to political squabbling over the repeal of the don't ask, don't tell policy on gays in the military.
Sensitive information maintained by three federal departments - Defense, Homeland Security and Health and Human Services - isn't fully safeguarded from the inquisitive eyes of government contractors, putting the data at risk of unauthorized disclosure or misuse.
"What we are trying to do in Michigan is to set the framework, which means that these cloud solution providers meet our requirements, not the other way around," says Ken Theis, director of the state Department of Technology, Management and Budget.
Gmail and calendar data generated from local, state and federal customers will be segregated on servers reserved for governments and situated in the continental United States.
People who customize software often don't know what they're doing, creating an environment where adversaries can exploit unintended vulnerabilities, says Robert Lentz, the longtime Defense chief information security officer.
Microsoft Federal Chief Technology Officer Susie Adams and Chief Security Officer Bill Billings praise the new Federal Risk and Authorization Management Program that should make cloud computing easier to adopt by government agencies.
It's not just the need to educate federal officials, but the necessity to build trust in cloud computing to get the government to adopt the relatively nascent technology, says Mel Greer, Lockheed Martin's cloud computing chief strategist.
A CD-Rom containing the personal identifiable information was in one of three laptops stolen from the Morrow, Ga., offices of Serco Inc., a government contractor based in Reston, Va.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
