the Environmental Protection Agency (EPA) doesn't know how many cloud computing contracts it has or how secure they are, according to a recent audit by the agency's inspector general, in a report released last week. In at least one instance, the EPA may not have had access to a subcontractor's cloud for investigative purposes. Worse, that same subcontractor was not compliant with the Federal Risk and Authorization Management Program (FedRAMP), which sets security standards for cloud providers.
http://m.infoworld.com/d/cloud-computing/the-epa-doesnt-know-what-clouds-it-has-and-neither-do-you-247150
http://m.infoworld.com/d/cloud-computing/the-epa-doesnt-know-what-clouds-it-has-and-neither-do-you-247150
And some folks think the federal government can protect them. Hey, the feds don't even know what clouds it's using!
No comments:
Post a Comment