Policy & Procurement

Government policy and regulation regarding the procurement and use of cloud computing technologies is still in its nascent stages. This portion of the SafeGov.org site focuses on current policy and procurement issues related to cloud adoption in the public sector, including analyses of Federal, state, and local issues, developments in higher education, and related laws, regulations, and directives.

What is the Cost of a Snowden?

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Wednesday, March 26, 2014

In 2012, the American cybersecurity company, Mandiant (now owned by FireEye) released a report tracking an extensive, comprehensive cybersecurity threat from China. It gave the Chinese program the name “APT-1,” where APT stands for Advanced Persistent Threat. APT was as accurate a characterization as one could imagine – the techniques used by the Chinese where highly sophisticated and advanced, and they were determined and continuous.

Lawsuit Raises Red Flags For Government Cloud Users

Karen Evans by Karen Evans, KE&T Partners
Tuesday, March 25, 2014

A California lawsuit suggests the federal government must take stronger steps to protect government data from data mining and user profiling by cloud service providers. In the technology-rich world we live in, it's critical for everyone to understand how their data is processed and used. For the government, it is arguably even more important, given the massive amounts of sensitive citizen data it possesses and stores.

Is Ireland the First “Cloud Haven”?

H. Bryan Cunningham by Bryan Cunningham, Cunningham Levy LLP
Thursday, February 27, 2014

If you’re looking to launch a cloud-based venture, Ireland wants you to know it’s open for business. Very open. Not just a tax haven, mind you, Ireland wants to be very clear about that, given allegations to the contrary in the US Congress last year. In late 2013, Ireland’s Industrial Development Agency, chartered to attract foreign business to the island, pushed back hard on allegations that companies establish “headquarters” in Ireland in order to render themselves immune from corporate tax. The IDA stressed, in a Venture Beat Op-Ed, that, while it’s 12.5 percent corporate tax rate is attractive there is far more to recommend Ireland as a “cloud haven.”

Net Neutrality and the Cloud

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Tuesday, February 25, 2014

In a sweeping decision, the District of Columbia Circuit Court of Appeals in Washington struck down an order from the Federal Communications Commission (FCC) that the FCC said was intended to foster an open internet network and provide transparency and ease of access for consumers. In doing so, the DC Circuit dramatically affected the prospects for many current and future cloud applications – so dramatically, for example, that the value of Netflix stock initially dropped 5% in the wake of the decision. (Netflix is thought to be disadvantaged by the decision). The stock has rebounded since, but the incident makes it clear that some cloud providers are dependent on a particular pricing framework for internet transmission – a one size fits all model where broadband service providers cannot charge discriminatory prices to different content creators based on the nature and volume of their product. The current pricing framework is now likely to be reexamined. How that reexamination plays out will determine the security and efficacy of cloud services in the next few years.

Duties When Contracting With Data Service Providers

Daniel J. Solove by Daniel Solove, TeachPrivacy
Tuesday, February 18, 2014

In the world of data protection, it’s an old story: Personal data gets shared with a third party data service provider, and then something goes wrong at the provider.

New Year’s Resolution for EU: Don’t Kill Safe Harbor

H. Bryan Cunningham by Bryan Cunningham, Cunningham Levy LLP
Friday, January 24, 2014

As the year changes, everyone makes lists. Here’s mine: the top 5 reasons the EU would be wrong to kill Safe Harbor. I hope EU politicians will resolve to consider them before dropping lumps of coal into their citizens’ privacy stockings. Their threat to terminate the Safe Harbor program: is based on inaccurate information; would destroy one of the few effective US legal tools to protect EU citizens’ privacy; would heavily burden US companies and trans-Atlantic commerce; has no chance to stop NSA spying-- the professed goal; and is ill-timed given now that the US government now is starting to police itself.

5 steps to jumpstart your city's cloud

Brian Robinson, GCN,  Friday, January 24, 2014

Among city government IT managers, cloud computing has drawn a lot of interest, as well as suspicion. Along with the touted advantages of the cloud has come considerable caution over its drawbacks, not least for its potential security and privacy hazards. Consequently, cities have been slow to adopt cloud-based services.

SafeGov.org Commissioned White Paper Proposes Framework for Improving Federal Cloud Networks and Procurement Processes

Julie AndersonKaren Evans by Julie Anderson, Civitas Group
Karen Evans, KE&T Partners
Thursday, January 16, 2014

SafeGov.org today released its latest report titled “Staying Safe in Cyberspace: Cloud Security on the Horizon” at the MeriTalk 2014 Cloud Computing Brainstorm held at the Newseum in Washington, D.C. The report proposes an integrated approach to cloud implementation to help agencies realize the benefits of cloud technologies while meeting current Federal cybersecurity requirements. Until now, efforts to implement cybersecurity and cloud computing initiatives have been fragmented and lack overarching coordination. This report works to address this gap in a series of recommendations intended to mitigate risk while harnessing the vast rewards provided by cloud technologies.

The Least Surprising Development of the Year … And the Most

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Wednesday, December 18, 2013

In a year full of surprises (did you really think that Apple stock prices would rebound?) there are some developments that seem inevitable. One candidate for “least surprising” tech event of the year was the aftermath of the Snowden revelations – distrust of the United States and, closely related, foreign abandonment of domestic American cloud service providers.

Major reforms needed to effectively manage federal IT

Julie AndersonKaren Evans by Julie Anderson, Civitas Group
Karen Evans, KE&T Partners
Wednesday, November 20, 2013

As the federal government strives to improve technology asset utilization and cybersecurity to enable mission fulfillment in an era of budget constraints, what is "old" is becoming "new" again.