Over the summer, the company launched Google Apps for Government and announced that it had received FISMA (Federal Information Security Management Act) certification, which allowed it to store sensitive, yet unclassified, information, which makes up about 80 percent of all government data.
Google (GOOG) and a reseller of its products have filed a lawsuit against the U.S. Department of the Interior after the agency solicited bids for cloud-based e-mail and messaging services specifying that bidders must use Microsoft (MSFT) products.
According to the result of a new survey published by MeriTalk, an online community for government IT professionals, 85 percent of federal information security leaders have not utilized CyberScope, an online reporting tool designed to reduce the amount of wasted dollars the government spends annually on cyber security compliance reports. Of those that have used CyberScope, the survey entitled “FISMA’s Facelift: In the Eye of the Beholder,” found that everyone has given the tool an “A” or “B” rating.
In an effort to make cloud solutions more easily available to government agencies, the US General Services Administration (www.gsa.gov) has awarded 11 companies a five-year, government-wide Blanket Purchase Agreement to make Infrastructure as a Service solutions available to all levels of government through the gateway “Apps.gov”.
CyberScope represents a major shift in the way federal agencies report their compliance with the Federal Information Security Management Act, the law governing government cybersecurity. The goal, officials have repeatedly said since announcing the tool late last year, is to place an emphasis on operational security as opposed to meaningless, once-a-year compliance reporting.
If you had any question whether app stores were a passing fad, the answer probably lies with apps.gov, an app store by and for government agencies……
The GSA also takes care of all the acronyms as well. The sites are FISMA and 508 compliant, and the relevant PIAs have been completed, which is bureaucratic shorthand for saying the apps passed a security test, are accessible to those with disabilities and have fulfilled the relevant privacy reporting requirements
CyberScope is supposed to be the federal government’s new standard tool for continuous security monitoring. So far, however, the vast majority of federal CIOs say they don’t understand the technology’s mission and goals, and only 15 percent have used it at all.
The deadline for filing FISMA security compliance reports using the new CyberScope tool is Nov. 15.
The recently released results of a security audit performed on the various systems used by the US-CERT to accomplish its cybersecurity mission revealed an unpleasant reality: a total of 671 unique vulnerabilities – 202 of which were high-risk – have been detected on the Mission Operating Environment (MOE) system.
Network security audits are getting a lot of coverage these days thanks to standards like SOX, PCI-DSS, and HIPAA. Even if you don’t need to comply with any of those standards, business relationships with partners or customers may require you to show that your network is secure.
Google has landed an important federal certification for encryption and security. An official Google blog post said that the company has received Federal Information Security Management Act (FISMA) certification and accreditation from the U.S. government for its Google Apps office productivity suite, including Gmail.