Security

IT professionals continue to cite security concerns as one of the largest barriers to cloud migration. Uniform government standards specific to cloud computing have yet to be finalized, leaving important questions regarding data availability and integrity unanswered. SafeGov.org aims to provoke discussion related to these concerns as well as raise awareness of the ways in which cloud computing could ultimately strengthen existing security measures.

Could face recognition be on police body-worn cameras by 2017?

Planet Biometrics,  Thursday, July 21, 2016

Law enforcement officials have commended plans to install face recognition on body-worn police cameras that could directly check against warrant records in the cloud.

Enterprise encryption adoption up, but the devil's in the details

Mark Gibbs, Network World,  Thursday, July 21, 2016

A new survey by the Ponemon Institute finds that enterprise-wide encryption strategies are accelerating but there are risks to consider.

A Breakthrough in Trans-Atlantic Data Flow and Privacy

Justin Antonipillai and Ted Dean,  Wednesday, July 20, 2016

Privacy Shield, as you may know, will guide how US and EU companies will protect the privacy of personal data of EU individuals that gets transmitted to our nation, and speed digital commerce across the Atlantic. Commerce has the lead on the US side to carry out the framework, working with other US agencies and our EU counterparts. For more details, see the Privacy Shield materials – Secretary Pritzker’s remarks, fact sheet and FAQs, and a guide for companies to sign up – posted July 12 on Commerce.gov. Also see our testimony to the European Commission on March 17, and my (Justin) speech to the TRUSTe Privacy Risk conference on June 8 in San Francisco.

How the feds helped build the cloud

David Chernicoff, Datacenter Dynamics,  Wednesday, July 20, 2016

By the end of 2016, as part of the DCOI, there will be a freeze on new data centers or significant data center expansions without direct approval of the Office of Management and Budget’s Office of the CIO (OFCIO). Agencies will be required to use the following guidelines, in the order listed below, as part of their consolidation efforts...

Microsoft wins a signal court victory for cloud privacy against the U.S. government

Jeff Gould by Jeff Gould, SafeGov.org
Tuesday, July 19, 2016

To the surprise of many, Microsoft has just won a historic court case defeating efforts by the U.S. government to seize private data held by the firm’s customers overseas. According to a U.S. Appeals Court ruling, Federal prosecutors cannot use search warrants to grab the content of email messages from data centers located outside the United States, even when these facilities are owned and operated by a U.S. cloud provider such as Microsoft.

It's Time to Update the 30-Year-Old Electronic Communications Privacy Act

Julie AndersonKaren Evans by Julie Anderson, AG Strategy Group
Karen Evans, KE&T Partners
Tuesday, July 19, 2016

Many Americans may not understand why this decision is relevant to their daily lives: The federal government asserted tech companies own individuals’ personal information such as emails and photographs, and not the individuals themselves. This would give your personal information less privacy protection than the family notes you place in your dresser drawer at home. Multiple branches of government have important responsibilities in remedying this problem. The Court of Appeals has acted. Now, it’s time for Congress to modernize an outdated law.

Microsoft publishes CJIS Implementation Guidelines to help Law Enforcement Agencies

Rochelle Eichner, Microsoft Azure Government Blog,  Tuesday, July 19, 2016

The Criminal Justice Information Services Division (CJIS) Implementation Guidelines is designed to provide insight into the CJIS security controls applicable to Microsoft Cloud services, and provide guidance to law enforcement agencies on where to access detailed information to assist in CJIS audits. This document provides guidelines and resources to assist CJIS Systems Agencies (CSA) and law enforcement agencies (LEA) in implementing and utilizing Microsoft Government Cloud features. The CJIS Implementation Guidelines are applicable for Azure Government, Office 365 Government and Dynamics CRM Online Government.

Can 18F's Cloud.gov pass FedRAMP review?

Troy Schneider, FCW,  Tuesday, July 19, 2016

When the Federal Risk and Authorization Management Program unveiled its new "FedRAMP Accelerated" process in March, 18F's Cloud.gov project was one of three test drivers for the new approach. More than three months later, Cloud.gov is still not through all the hoops.

The best cloud partnership: More security, savings and innovation

Michael Beckley, GCN,  Monday, July 18, 2016

As private companies race each other to replace outmoded IT systems with cloud services, the federal government falls further and further behind in cloud adoption. The usual culprits are easy to find: byzantine procurement and cloud certification requirements, IT and security leaders overestimating risks while underestimating savings and a culture that rewards outsourcing IT strategy -- and responsibility -- to the lowest bidder. But there are other factors as well.

A Key Win by Microsoft

Tracy Mitrano by Tracy Mitrano, Mitrano & Associates
Sunday, July 17, 2016

Mark the Second Circuit decision in the Microsoft case as a turning point. The win for Microsoft is a victory for U.S. innovation, manufacturing and Internet companies, privacy advocates, and legal due process. The Court held that the Electronic Communications Privacy Act (“ECPA,” and specifically in this case, Title II, Stored Communications) does not extend beyond the United States and its territories. Its reasoning does yet more.