How NASA launched its web infrastructure into the cloud

Jonathan Vanian, GigaOM,  Friday, December 19, 2014

The space agency uses Amazon Web Services to provide the backbone for its new Drupal content management system, and has worked out an interesting way to pay for the cloud, explained Kadakia. NASA’s uses a contract vehicle called Solutions for Enterprise-Wide Procurement (SEWP) that functions like a drawdown account between NASA and Amazon. The contract vehicle takes in account that the cost of paying for cloud services can fluctuate based on needs and performance (a site might get a spike in traffic on one day and then have it drop the next day). Kadakia estimates that NASA could end up spending around $700,000 to $1 million for AWS for the year; the agency can put in $1.5 million into the account that can cover any unforeseen costs, and any money not spent can be saved. “I think of it like my service card,” she said. “I can put 50 bucks in it. I may not use it all and I won’t lose that money.”

Doug Wolfe on Cloud Computing at the CIA

Robert Tilford, Ground Report,  Friday, December 19, 2014

Doug Wolfe—a 30 year CIA veteran—has a tough job. As CIA’s Chief Information Officer (CIO), Wolfe is responsible for ushering the Agency into the 21st century with state-of-the-art computing technology while ensuring our systems are secure. As a pioneer of cloud computing at CIA, Wolfe spearheaded a new way of doing intelligence work that allows for increased collaboration across the 17 Intelligence Community (IC) agencies.

The Future of Privacy

Lee Rainie and Janna Anderson, Pew Research,  Thursday, December 18, 2014

An information science professional responded, “Individuals are willing to give up privacy for the reasons of ease, fastness, and convenience… If anything, consumer tracking will increase, and almost all data entered online will be considered ‘fair game’ for purposes of analytics and producing ‘user-driven’ ads. Privacy is an archaic term when used in reference to depositing information online.

Wanted: An International Rule of Law for Cloud Data

Michael Chertoff by Michael Chertoff, Chertoff Group
Thursday, December 18, 2014

If we don’t figure out a new way of resolving legal conflicts, the universal Web as we know it may soon be Balkanized. Global companies will be subject to competing and inconsistent legal demands—one country may require disclosure of information that another country prohibits from being disclosed. The inevitable result will be that consumers suffer diminished access to the network overall. Decisions companies make about the location of their servers and hardware will be driven by legal gamesmanship rather than by technological or infrastructure considerations. The current free-for-all of competing nations needs to be replaced with an agreed-upon international system for newly designed choice-of-law rules for data in the Internet cloud. Such rules determine which country’s law governs in a dispute, as when we try to decide whose law governs a contract for the sale of goods. We need to harmonize existing rules in a framework of law for the cyber age.

Should privacy regulation be more than just data protection?

Inga Kroener, The Guardian,  Wednesday, December 17, 2014

To get to grips with the surveillance risks that emergent technologies carry, policymakers need to broaden their scope of what privacy is. Rather than solely focusing on data, impact assessments need to address the range of privacy issues that emerge when new technologies, products and services are developed – who might be affected by privacy or surveillance risks, and how they might be harmed.

Tips from NIST on Picking the Right Cloud Vendor

Joseph Goedert, Health Data Management,  Wednesday, December 17, 2014

The draft guidance seeks to bring uniformity to the vocabulary of cloud service measurements that include abstract metric, abstract metric definition, cloud service property, concrete metric definition, context, measurement, measurement result, metric, observation, and unit of measurement. The guidance also describes the “cloud service trifecta” which can be broken down into three general areas: service selection, service agreement and service verifications, along with supporting metrics. It further defines in detail a “cloud service metric model” with 23 elemental descriptions of the foundation diagram that describes a metric definition.

What the Future Holds for FedRAMP

Nicole Blake Johnson, FedTech,  Wednesday, December 17, 2014

Big changes are ahead for the Federal Risk Authorization Management Program, better known as FedRAMP. A new two-year road map that will be released Wednesday details more than 40 initiatives aimed at accomplishing three overarching goals: increasing stakeholder engagement, including the number of agencies implementing FedRAMP; improving program efficiencies, by automating FedRAMP documentation; and adapting FedRAMP to support evolving cloud offerings and security policies while focusing on risk management rather than compliance. The road map groups initiatives in six-, 12-, 18- and 24-month intervals.

Employees “going rogue” with corporate data stored in the cloud

Business Cloud News,  Wednesday, December 17, 2014

A majority of employees storing corporate data in cloud-based platforms are still able to access those platforms after leaving their job, recently published research suggests. Solving the issue requires more than just deploying single sign-on, particularly as enterprises move away from blocking services to becoming more permissive with what apps are allowed to linger behind the firewall. IT decision makers dealing with the issue have repeatedly said rolling out cloud services that could in some way facilitate data loss requires a large push to educate users.

Privacy in a Time of Emerging Tech

Elaine Pittman, Government Technology,  Wednesday, December 17, 2014

Clearly the issue of privacy isn’t going away, as government and industry introduce new data-driven technologies. But what will change is the definition of privacy for citizens and how rules will govern data protection. Legislatures and IT chiefs will once again take up the issue in 2015, seeking ways to protect data and harness it for a smarter future.

Tech, media firms back Microsoft in digital privacy case

Ellen Nakashima, Washington Post,  Tuesday, December 16, 2014

Ten groups of top technology, media and business organizations on Monday filed legal briefs in support of Microsoft’s argument to a federal appeals court that the U.S. government cannot issue a search warrant to obtain customers’ e-mails held in another country. The unusually high number of friend-of-the-court briefs and the breadth of groups that signed on reflect how significant the issue of privacy in the digital age is to U.S. industry. “This is not a case about a narrow legal issue but rather a broad policy issue that is of profound importance to the future of the Internet,” Brad Smith, Microsoft general counsel, said in an interview Monday.