How Much Does the EPA Invest in Cloud? Agency Officials Not SureHow Much Does the EPA Invest in Cloud? Agency Officials Not Sure
A new report indicates U.S. Environmental Protection Agency (EPA) officials do not know how many cloud computing contracts they have.
July 29, 2014
How often does the U.S. Environmental Protection Agency (EPA) use cloud services? Your guess is as good as mine.
A new report indicates EPA officials do not know how many cloud computing contracts they have.
The report, “EPA Is Not Fully Aware of the Extent of Its Use of Cloud Computing Technologies,” also showed EPA officials are uncertain about the security of these contracts.
The EPA’s Office of Inspector General (IG) audited several agencies, examining their adoption of cloud computing technologies and reviewing executed contracts between an agency and cloud services providers (CSPs) for compliance with applicable standards.
Key findings included:
The EPA did not know when its offices were using cloud computing.
The EPA should improve the oversight process for prime contractors.
There is no assurance the EPA has access to a subcontractor’s cloud environment for audit and investigative services.
The IG disputed the number of EPA contracts in place as well.
While the EPA said it had 11 cloud contracts, the IG questioned this total because not all of the agency’s results included the word “cloud” in procurement descriptions.
An EPA spokesperson could not be reached for comment about the report as of 2 p.m. ET.
How will the EPA respond?
The Federal Risk and Authorization Management Program (FedRAMP) is key for the EPA and other government agencies that want to deploy cloud applications and services.
This program takes the guesswork out of cloud computing for government entities because it standardizes authorization, monitoring and security assessments for cloud products and services.
EPA officials, meanwhile, will need to address oversight concerns to better manage their partnerships with CSPs.
“Our audit work disclosed management oversight concerns regarding the EPA’s use of cloud computing technologies,” the IG said in its report. “These concerns highlight the need for the EPA to strengthen its catalog of cloud vendors and processes to manage vendor relationships to ensure compliance with federal security requirements.”
About the Author(s)
You May Also Like
AWS re:Invent Partner, Vendor News: Cisco, Salesforce, MoreDec 01, 2023
People on the Move: Comcast, Cisco, NICE, TPx, Barracuda, MoreNov 29, 2023
AWS re:Invent 2023 Partner News: Marketplace, Salesforce, Certs, MoreNov 29, 2023
AWS re:Invent Expo: VMware, Snyk, HPE, More Showcase Cloud, Security, AINov 28, 2023