Policy & Procurement

Government policy and regulation regarding the procurement and use of cloud computing technologies is still in its nascent stages. This portion of the SafeGov.org site focuses on current policy and procurement issues related to cloud adoption in the public sector, including analyses of Federal, state, and local issues, developments in higher education, and related laws, regulations, and directives.

Google, Microsoft Resolve Patent Fight Over Phones, Xbox

Susan Decker and Dina Bass, Bloomberg,  Wednesday, September 30, 2015

Google Inc. and Microsoft Corp. have agreed to end their long-running patent feud over smartphones and video game systems, dropping about 20 lawsuits in the U.S. and Germany. The companies pledged in a statement to work together in other ways related to intellectual property, including development of a royalty-free, video-compression technology to speed downloads, in an initiative that also involves Amazon.com Inc. and Netflix Inc. They will also lobby for specific rules on a unified patent system throughout Europe.

Microsoft Opens Private High-Speed Cloud Connections for Government

Jason Shueh, Government Technology,  Tuesday, September 29, 2015

Microsoft announced the addition of ExpressRoute to its Azure Government cloud. The connection tool is meant to manage petabytes of data (1 petabyte equals 1 million gigabytes), and the server connection bypasses the public Internet entirely. The obvious benefit of the feature is security, but marketing executives in Redmond, Wash., are also selling ExpressRoute on its big data processing capacity — something it reports to be 100 times faster, with data transfer speeds (throughput) at nearly 10 GB per second.

You can bet on cloud without going all-in

Jim Benson, Federal Times,  Monday, September 28, 2015

By now, the cloud is hardly some new thing to be approached with caution. In fact, adoption is growing so pervasive, that nearly two-thirds of global tech professionals say they expect their companies to run 100 percent of their IT in the cloud by 2020, according to industry research. Unfortunately, the federal government is far from moving forward with a similar transition: Most agencies are allocating 3 percent or less of their overall IT budget to cloud services, according to research conducted by the U.S. Government Accountability Office. Overall, the percentage of IT spending devoted to cloud services has only increased 1 percent in the last three years.

The Cloud Gets More Popular and Complex

Steve Towns, Government Technology,  Saturday, September 26, 2015

After some initial skepticism, government agencies are embracing the cloud. That’s putting pressure on public-sector IT organizations to deliver a new class of cloud solutions to their customers. Georgia is a good example. With agency customers asking both for more and more complex cloud services, the Georgia Technology Authority (GTA) is developing an enterprise approach to cloud, and thinking about the type of support and resources agencies will need to deploy more sophisticated cloud services successfully and securely.

Google Said to Be Under U.S. Antitrust Scrutiny Over Android

David McLaughlin, Bloomberg Business,  Friday, September 25, 2015

Google Inc. is back under U.S. antitrust scrutiny as officials ask whether the tech giant stifled competitors’ access to its Android mobile-operating system, said two people familiar with the matter. The Federal Trade Commission reached an agreement with the Justice Department to spearhead an investigation of Google’s Android business, the people said. FTC officials have met with technology company representatives who say Google gives priority to its own services on the Android platform, while restricting others, added the people, who asked for anonymity because the matter is confidential.

DHS working with FedRAMP, CIO Council to boost agency use of cloud computing services

Dibya Sarkar, Fierce Government IT,  Friday, September 25, 2015

With FedRAMP and several agencies, DHS is developing recommendations for additional security controls to establish a "high confidentiality, high integrity high availability in cloud environments," he said during a congressional hearing in San Antonio on cloud adoption by agencies.

EU launches inquiry into web companies' online behavior

Julia Fioretti, Reuters,  Thursday, September 24, 2015

The European Commission on Thursday launched an inquiry into the behavior of online companies such as Google, Facebook and Amazon to try to gauge whether there is a need to regulate the web. The public consultation seeks answers on a broad range of issues, from the contractual restrictions online groups may impose on other businesses, for example, companies seeking to display ads, to how proactive they should be in removing illegal content online.

Public sector fighting hidden costs of cloud computing, report reveals

James Bourne, Cloud Tech,  Thursday, September 24, 2015

Even though the public sector is adopting cloud as a key part of its IT strategy, new research from Sungard Availability Services has revealed the sector is facing a large number of challenges in managing and operating cloud environments. According to the report, entitled ‘Digital by Design: Avoiding the cloud hangover in the UK public sector’, UK public sector organisations are spending over £300 million each year on ‘hidden costs’ associated with their cloud computing projects. The research, which polled 45 senior IT decision makers in the UK public sector, also found that more than three quarters (82%) of respondents had encountered some form of unplanned cloud spend.

Microsoft cuts deals in China with government organizations and companies

John Ribeiro, CIO,  Thursday, September 24, 2015

Microsoft announced three new tie-ups in China on the same day that the country's President Xi Jinping and a delegation visited its campus at Redmond, Washington. The seven deals with Chinese companies and government institutions will likely give Microsoft greater access to the country's large market. Other companies like Cisco Systems and Hewlett-Packard have also announced ties with Chinese companies, a market that has been proving complex for U.S. companies because of the strong backing of the government for local players.

Cloud Computing and Research Data

Tracy Mitrano, Inside Higher Ed,  Tuesday, September 22, 2015

Review the Business Associate’s Agreement (BAA) because there is vendor variation among them. Not all BAAs are alike. Some fully meet legal requirements to protect the institution, and others not so much. It is critical to test the veracity of the statements and commitments made in BAAs with third-party audits, for example a successful ISO audit w/27018 controls as a decent proxy for HIPAA privacy and security rule requirements. Careful attention to the quality of these documents will lower institutional risk and raise the bar among vendors. These efforts will continue an on-going process of harmonizing standards in cloud computing contracts. Make sure your legal counsel has seen the BAA, been in contact with the leading attorneys who set the bar for appropriate or consult NACUA or ACE documents designed for this purpose.