Security

IT professionals continue to cite security concerns as one of the largest barriers to cloud migration. Uniform government standards specific to cloud computing have yet to be finalized, leaving important questions regarding data availability and integrity unanswered. SafeGov.org aims to provoke discussion related to these concerns as well as raise awareness of the ways in which cloud computing could ultimately strengthen existing security measures.

Microsoft, Amazon both receive highest FedRAMP status for their government clouds

Mary Jo Foley, ZD Net,  Thursday, June 23, 2016

Within minutes of each other on June 23, Microsoft and Amazon both announced they've gotten FedRAMP's highest authorization for their respective government cloud offerings. Both the Azure Government cloud and Amazon's AWS GovCloud were among the cloud offerings that received a Provisional Authority to Operate (P-ATO) from the authorization board under the Federal Risk and Authorization Management Program (FedRAMP) High baseline. This is the highest level for FedRAMP accreditation, and means those clouds have met the U.S. government's most rigorous security requirements.

Cybersecurity norms for nation-states and the global ICT industry

Scott Charney, Microsoft on the Issues,  Thursday, June 23, 2016

Today, I am pleased to share a new white paper about cybersecurity norms for nation-states and the global information and communications technology (ICT) industry, “From Articulation to Implementation: Enabling Progress on Cybersecurity Norms.” This publication is a reflection of our ongoing efforts to advance trust in the global ICT ecosystem through development of “rules of the road” for nation-states engaged in cyber operations, as well as industry actors impacted by these activities. Our goal is to contribute to the development of frameworks and practices that protect people and companies from the effects of state-sponsored cyber operations.

Microsoft announces new data protection tool to help enterprises secure their data

Frederic Lardinois, TechCrunch,  Wednesday, June 22, 2016

Microsoft today announced a new project that aims to help enterprises protect their data as it moves between servers and devices. The new Azure Information Protection service builds on the Azure Rights Management service and the company’s recent acquisition of Israeli security firm Secure Islands. The new service will go into public preview in the next month. “Organizations must protect their data at the source in a world where information travels beyond the boundary of the corporate network and potentially across many devices outside of company control,” Microsoft explains in today’s announcement. “These realities make it more critical than ever to have solutions that prevent data loss and track information at the file level regardless of where data resides or with whom it is shared.”

States Adopt New Student Privacy Safeguards

EPIC,  Wednesday, June 22, 2016

Several states have recently enacted new student privacy laws. Colorado and Connecticut’s laws impose strict requirements on those who collect student data. Connecticut also requires that parents are notified each time a school district enters into a contract that involves student data. North Carolina enacted a student privacy law modeled after California's Student Online Personal Information Protection Act. The National Association of State Boards of Education reported that 38 states considered student privacy legislation in 2016. Ten of those states passed student privacy laws. EPIC has urged the enactment of a comprehensive student privacy bill of rights. EPIC's State Policy Project is monitoring privacy bills nationwide.

DOJ Criminal Chief Continues Push For More Access To Encrypted Data

Ehren Halse, JD Supra,  Wednesday, June 22, 2016

On June 6, 2016, during a speech at a Cybercrime Symposium co-organized by the Centers for Strategic and International Studies and the Department of Justice’s (“DOJ”) Computer Crime and Intellectual Property Section, Assistant Attorney General Leslie Caldwell continued to push for access by law enforcement to encrypted data. In her remarks, Caldwell highlighted that public policy makers – and not the private sector – should decide whether, and to what extent, law enforcement should have access to encrypted data that could be evidence in criminal investigations.

Agencies push for open standards across cloud services

Amanda Ziadeh, GCN,  Wednesday, June 22, 2016

Agencies are adopting a growing range of cloud solutions, but more-robust open standards would better support hybrid clouds and integrate cross-vendor workflows. “A lot of the discussion around infrastructure as a service needs to move in the direction of platform as a service and software as a service,” the International Trade Administration’s CIO Joe Paiva said at a recent MeriTalk government cloud event. “You need to make those platform as a services work together.”

Long past time to fix evidence-sharing across borders

H. Bryan Cunningham by Bryan Cunningham, Cunningham Levy LLP
Wednesday, June 22, 2016

Everyone agrees that the current international order for sharing evidence in criminal prosecutions is broken. This is at the heart of the litigation Microsoft is pursuing against the Department of Justice (DOJ) over data stored in Ireland, after a New York judge ordered Microsoft to retrieve and give the government the contents of communications of a customer. Microsoft, and the many companies and organizations supporting its position, asked the court to prohibit the DOJ from getting communications content from overseas via a U.S. warrant. The government’s alternative would be to use the antiquated and slow mutual legal assistance treaty (MLAT) process. While this case awaits a decision by the U.S. 2nd Circuit Court of Appeals in New York, all sides agree that, whatever the outcome of the decision, it will not begin to solve the larger — and critical — international data-sharing issues.

With Cloud Foundry, Cloud.gov Provides a Federally-Compliant Cloud for Government Work

The New Stack, Linux.com,  Tuesday, June 21, 2016

Ensuring U.S. government agencies have a compliant cloud-based infrastructure is the task of the General Services Administration’s 18F digital services, which created cloud.gov, a Cloud Foundry-based hosted cloud service specifically for federal agencies. In this episode of The New Stack Makers embedded below, The New Stack founderAlex Williams and co-host Lee Calcote sat down with Diego Lapiduz, 18F software engineer and cloud.gov director, Bret Mogilefsky, innovation specialist and product lead at 18F, as well as with Barton George, senior principal engineer in Dell’s Office of the chief technology officer.

Russian Lawmakers Call For More Surveillance and Weaker Encryption

David Meyer, Fortune,  Tuesday, June 21, 2016

Irina Yarovaya, the head of the country’s parliamentary security committee, has now proposed measures that would require Internet service providers to store metadata about customers’ activities for up to three years—and the actual contents of their communications for up to six months. State officials would be able to requisition this data, supposedly for anti-terrorism purposes. Currently, telecommunications providers only have to store metadata—time-stamped information about connections—for six months. Meanwhile, senator Yelena Mizulina (the ultra-conservative behind Russia’s controversial “gay propaganda” law) has reportedly proposed measures, as part of the same package of laws, that would force online communications providers such as WhatsApp FB 0.65% and Telegram to give the authorities ways to decrypt users’ messages.

Maximize hybrid cloud benefits through resource, cost management

Kristin Knapp, Search Cloud Computing,  Monday, June 20, 2016

In the enterprise market, there seems to be a growing consensus that two clouds -- or even more -- are better than one. For reasons ranging from compliance to disaster recovery, an increasing number of organizations are choosing to extend their IT environments across private and public clouds. And as they do, the hybrid cloud market will soar from $25.28 billion in 2014 to $84.67 billion in 2019, according to estimates from research firm MarketsandMarkets.