NIST: Cryptographic key management a challenge in the cloud

Molly Bernhart Walker, FierceGovernmentIT,  Monday, September 30, 2013

Generating and interacting with data in the cloud requires security capabilities dependent on the cryptographic keys--but managing these keys is complex in a cloud environment, says the National Institute of Standards and Technology in a recently published interagency report (.pdf).

Microsoft follows Amazon in gaining critical US gov certification

Jack Clark, The Register,  Monday, September 30, 2013

Microsoft has gained a US federal government certification that makes it easier for agencies to buy cloud services from Redmond. The company announced on Monday that the platform-as-a-service and infrastructure-as-a-service components of its Windows Azure cloud have been given a Joint Authorization Board (JAB) provisional version of the FedRAMP certification.

Will the European Union Ban Data Mining of Student School Content?

Bradley Shear by Bradley Shear, Law Office of Bradley S. Shear
Monday, September 30, 2013

To lower costs and increase efficiencies a growing number of educational institutions are transitioning from utilizing internal servers to external cloud based services. Well known technology companies such as Amazon, Google, HP, IBM, Microsoft, and Oracle are competing to become the go-to cloud service provider for schools.

How to ensure rogue cloud services don't leave you in the lurch

Alan Conley, Network World,  Friday, September 27, 2013

Bring Your Own Cloud (BYOC) is often associated with personal services like Dropbox, but internal business units have also been known to sign up for cloud services without IT’s knowledge, raising questions about everything from security to business service expectations.

GAO: Mixed results thus far implementing FISMA

Frank Konkel, Federal Computer Week,  Friday, September 27, 2013

Federal agencies have improved compliance with information security requirements under the Federal Information Security Act , but checking all the boxes has not translated into taking full advantage of the enhancements that are available, according to a Government Accountability Office report issued to Congress Sept. 26.

Google: failure to comply before deadline set in the enforcement notice

CNIL,  Friday, September 27, 2013

On 20 June 2013, the CNIL’s Chair had ordered Google to comply with the French data protection law within 3 months. On the last day of this period, Google responded to the CNIL. Google contests the reasoning of the CNIL and has not complied with the requests laid down in the enforcement notice.

Poll: On Privacy, IRS and NSA Deemed More Trustworthy Than Facebook and Google

Emily Ekins, Hit & Run Blog Reason.com,  Friday, September 27, 2013

Even in the wake of the NSA data collection scandal, and amidst on-going wariness of the IRS, Americans trust these organizations to protect their privacy and personal information far more than they trust Facebook and Google to do the same.

NIST puts finishing touches on critical infrastructure cyber framework

Jared Serbu, Federal News Radio,  Thursday, September 26, 2013

The National Institute of Standards and Technology says it's the "end of the beginning" for the drafting of the nation's first-ever cybersecurity framework for protecting critical infrastructure. The agency says the document is essentially finished, and should be ready for release by its due date in a few weeks.

SafeGov Calls On European DPAs to Investigate Privacy Terms of School Cloud Services

Jeff Gould by Jeff Gould, SafeGov.org
Thursday, September 26, 2013

SafeGov today addressed a letter to France’s Commission nationale de l'informatique et des libertés (CNIL) and the Chairman of the Article 29 Working Party of European Data Protection Authorities (DPAs) requesting that they investigate possible violations of the privacy rights of European school children.

Cloud Computing Jeopardizes Student Privacy, Report Warns

Benjamin Herold, Education Week,  Thursday, September 26, 2013

The growing use of remote, Internet-based cloud computing services by European schools is putting students there at risk of being "tracked and profiled for online advertising purposes," concludes a new report by SafeGov.org, an online forum for IT industry experts.