Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.
The controls create a baseline to properly address the unique elements of authorizing cloud products and services, including multi-tenancy, control of an infrastructure and shared resource pooling, Homeland Security CIO Richard Spires says.
Veterans Affairs may have been biased when it awarded last year a high-bid, $133 million IT security services contract to the incumbent provider, the consultancy Booz Allen Hamilton, a VA inspector general audit contends.
Federal CIO Steven VanRoekel issues a memorandum ordering agency and departmental CIOs to use the new Federal Risk and Authorization Management Program to assess, authorize, procure and continuously monitor cloud computing offerings.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Heavily regulated industries like banking and healthcare have been reluctant to make the virtualized leap to the cloud, fearing a loss of control could open them to unforeseen risk. Are their concerns unfounded?