U.S. government wants in on the public cloud, but needs more transparency

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/article/3006360/security/us-government-wants-in-on-the-public-cloud-but-needs-more-transparency.html

By Blair Hanley Frank
IDG News Service
Nov 18, 2015

The federal government is trying to move more into the cloud, but service 
providers' lack of transparency is harming adoption, according to Arlette 
Hart, the FBI's chief information security officer.

"There's a big piece of cloud that's the 'trust me' model of cloud 
computing," she said during an on-stage interview at the Structure 
conference in San Francisco on Wednesday.

That's a tough sell for organizations like the federal government that 
have to worry about protecting important data. While Hart said that the 
federal government wants to get at the "enormous value" in public cloud 
infrastructure, its interest in moving to public cloud infrastructure is 
also tied to a need for greater security.

While major providers like Amazon and Microsoft offer tools that meet the 
U.S. government's regulations, not every cloud provider is set up along 
those lines. In Hart's view, cloud providers need to be more transparent 
about what they do with security so the government and other customers can 
verify that their practices are sufficient for protecting data.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/