After reading through the CyberSecurity Strategy and Implementation Plan (CSIP) I was impressed with its scope and relatively clear terminology, acronyms notwithstanding, and how it outlined federal strategy. I expect the timelines to be challenging, though. Working in a multi-national, Fortune 500 company, I know that if you don’t already have some information collected and… Continue reading CSIP Looks Good
Early in August I commented on the implications of a US district court’s judgement that Microsoft had to turn over e-mail from alleged UK nationals who’s e-mail stored in a data center in Ireland. At the time of the judgement the judge stayed the ruling pending Microsoft’s appeal. This appears to have been a procedural mistake.… Continue reading Current Event: International Man of Privacy
Thursday (7/31/14), Microsoft was ordered by a US federal court to turn over e-mail that’s stored on a Microsoft server in Dublin, Ireland. The ruling was stayed, pending Microsoft’s appeal. The implication for Cloud companies based in the US (Microsoft’s Azure and Office 365, Evernote, Apple’s iCloud and Google’s Gmail to name a few biggies) is that… Continue reading Current Event: Are Privacy Bits Special?
“Cloud first” is an approach I’ve heard articulated as a means to delivering on business objectives. The policy I’ve heard has referenced if not been predicated on the fact that the US government is implementing this policy in their federal agencies. My first thought: how is the government accomplishing such a presumably agile, flexible and… Continue reading Cloud First, US Gov Style (FedRAMP)