GSA engages industry on special cloud acquisition category

Grazed from FedScoop.  Author: Billy Mitchell.

The emergence of cloud computing as a high-demand IT solution hasn’t been the clearest in terms of procurement. But now that it appears the technology is here to stay, the General Services Administration wants to create a cloud category in the federal government’s largest acquisition vehicle to make it easier to find and buy.

GSA hosted an onsite industry day Tuesday soliciting feedback from vendors on its proposed addition of a special item number (SIN) for cloud computing to its IT Schedule 70 acquisition vehicle...

Cloud Consistency: The U.S. Government Cloud Computing Technology Roadmap

Grazed from MSPMentor.  Author: Michael Brown.

The National Institute of Standards and Technology (NIST) released its final version of the US Government Cloud Computing Technology Roadmap, Volumes I and II recently. The roadmap provides international guidelines, objectives and “Priority Action Plans” for cloud computing, with the hope of improving cybersecurity for the United States' critical infrastructure and individual organizations.

Taking into consideration over 200 comments from other nations worldwide, this document covers a wide range of relevant ideas, challenges and recommendations related to cloud management and deployment. But is there really a point in trying to impose standards and define a technology that is still at the very beginning stages of its evolution?...

NIST marks top security requirements for government cloud

Grazed from GCN. Author: William Jackson.

Cloud computing offers both unique advantages and challenges to government users. The advantages are well-advertised: Greater efficiency, economy and flexibility that can help agencies meet rapidly changing computing needs quickly and cheaply while being environmentally friendly.

Among the challenges, security is the most commonly-sited concern in moving mission-critical services or sensitive information to the cloud. To address this, a recently released roadmap from the National Institute of Standards and Technology recommends a plan to ensure cloud offerings meet government security needs while being flexible enough to adapt to the policies and requirements of multiple tenants, including foreign governments...

DoD's new cloud policy coming in two weeks

Grazed from FederalTimes. Author: Aaron Boyd.

The Department of Defense will be releasing an updated cloud computing policy within the next two weeks, acting department CIO Terry Halvorsen said Thursday. The re-write of the 2012 policy is intended to speed up the procurement process by giving more purchasing authority to individual agencies.

“I was not really thrilled with the original cloud policy that came out,” Halvorsen said. “Mostly because I don’t think we were getting the cloud fast enough.” Noting that you should be careful what you wish for, Halvorsen was tasked with revamping the existing policy to speed up the process without sacrificing agencies’ strict security needs...

Read more from the source @

FBI moves to expand computer search powers, complicating Microsoft's push to protect overseas cloud customers

Grazed from GigaOM. Author: Jeff John Roberts.

Microsoft is the midst of a defiant stand against the federal government, insisting that a U.S. search warrant can’t force it to turn over emails located on a server in Ireland. The company has even taken the unusual step of opening itself to a contempt of court order, as part of a larger plan to reassure cloud computer customers in other countries that their data is safe from U.S. surveillance.

But now Microsoft’s high-profile legal campaign, which has received support from the likes of Apple and Cisco, could get under cut from another quarter: the FBI is quietly lobbying Congress to rewrite the rules for search warrants in order to expand their reach. If the lawmakers agree, this would mean that “searches” authorized by American judges would no longer be restricted to a specific geographic location in the United States (which is how search warrants typically work.)...

DOD's Vision for a Commercial Cloud Ecosystem

Grazed from FedTechMagazine. Author: Nicole Blake Johnson.

There was a time when Defense Department officials balked at the idea of integrating commercial cloud services with military networks, let alone hosting sensitive data in a contractor-owned facility. But those sentiments are evolving, along with the options DOD is considering for developing a commercial cloud ecosystem for its users.

The department is exploring two private cloud deployment models that would put commercial cloud technologies in DOD data centers or adjacent to them, the Defense Information System Agency noted in a request for information last month. As the entity charged with tracking how DOD operates cloud connection points and what technology is operating across the network, DISA is exploring those models' viability and whether they warrant a request for proposal to industry...

DISA in Compliance with Cloud Security Standards

Grazed from NextGov. Author: Editorial Staff.

The Defense Information Systems Agency currently offers its military customers certified cloud computing services from three vendors and has another seven under assessment for compliance with governmentwide security standards, top agency officials told Nextgov. FedRAMP reviews aim to speed the adoption of cloud deployments across government by allowing cloud services to be vetted once – at a particular security level – and then deployed by a multitude of agencies. Agencies must comply with FedRAMP as a matter of federal policy.

But as noted in a recent review from the Council of Inspectors General on Integrity and Efficiency, neither the FedRAMP program office nor the Joint Authorization Board -- made up of the chief information officers of General Services Administration and the departments of Defense and Homeland Security -- can force agencies to comply with FedRAMP...

Read more from the source @

Regulation Lagging for Cloud-Based Government Data

Grazed from CorpCounsel. Author: Marlisse Silver Sweeney.

It seems that government-based auditors and general counsel may have their heads in the clouds, at least with respect to accessing data that’s stored there, according to Sandra Jontz in Insurance News Net. She says the U.S. government’s rush to adopt cloud-computing technologies “left policy aperture fraught with challenges that caught some agencies unprepared—particularly adjuncts in inspector general and general counsel offices.”

Take, for instance, the Office of Management and Budget. Its policies require agencies to adopt “cloud-first” technology. Yet the same policies don’t provide contract language guaranteeing GCs will have access to the data stored by these commercial cloud services for internal investigations, says Jontz...

Read more:

Microsoft says NSA spying hit trust in the cloud

Grazed from SCMagazine. Author: Doug Drinkwater.

The firm's principal cyber-security strategist Jeff Jones was presenting at the IP Expo Europe exhibition in London on Thursday, where he suggested that the leaks from NSA whistleblower Edward Snowden had impacted the Redmond technology giant and the cloud computing market as a whole.

The firm claims to offer more than 200 cloud service products but has been in the headlines for all the wrong reasons over the last 18 months; first over claims that SkyDrive was continually tapped by the NSA, and then over the US DOJ decision that the government could view information held at its non-US data centres...

Three new (and a few old) cloud computing challenges stymie government rollouts

Grazed from NetworkWorld. Author: Editorial Staff.

In 2012 when the Government Accountability Office reviewed the feds cloud computing effort, it found seven core challenges to moving impeding the administrations’ move toward the cloud. In the two years that have passed, the GAO this week reported that government agency use of cloud computing has grown, but a few new challenges have cropped up that hinder widespread cloud adoption.

Lets start with cloud adoption. The GAO reviewed the same seven agencies in 2014 it had in 2012, including the Departments of Agriculture and Homeland Security. “Each of the seven agencies reviewed implemented additional cloud computing services since GAO last reported on their progress in 2012. For example, since then, the total number of cloud computing services implemented by the agencies increased by 80 services, from 21 to 101...