Cloud vendors: Forget continuous threat monitoring
The government drops a security measure it had planned to require of cloud vendors.
There will be no continuous threat monitoring required for cloud computing companies after all, according to a report in NextGov.
The White House has apparently dropped a requirement that had been necessary for certification to sell web services to the government, reports Aliya Sternstein. Until now, the rule was that companies would monitor for threats continuously and provide automated threat reports.
But officials at the General Services Administration haven't figured out how to force companies to provide the information. So -- for now, at least -- it's not required, Sternstein writes.