A FedRAMP ATO, defining info sharing and GIGO lives
News and notes from around the federal IT community.
VMware gets FedRAMP ATO
Cloud infrastructure provider powerhouse VMware has achieved provisional authority to operate through the Federal Risk and Authorization Management Program.
The company said Feb. 4 that its VMware vCloud Government Service, hosted in Carpathia data centers, had received the FedRAMP ATO.
The pool of ATO-approved cloud service providers is still relatively small, but growing -- the mix also includes Autonomic Resources, Amazon Web Services, Akamai, AT&T, HP, IBM, Lockheed Martin, Microsoft, Oracle, Salesforce and Verizon. GSA officials have said that an area of focus for FedRAMP in the coming months will be to engage with agencies directly and help them complete more ATOs.
CloudCIO.gov lists VMware on its Joint Authorization Board (JAB) provisional authorizations list. The JAB is the primary governance and decision-making body for the FedRAMP program, reviewing and providing joint provisional security authorizations for cloud.
VMware said its offering is now generally available to the federal government, and will smooth the way for more hybrid cloud solutions in agencies. The vCloud Government Service is based on VMware's vSphere platform, which the firm said is already used by all cabinet level agencies, all military services, and all three branches of government.
White House: Let's clearly define 'information sharing'
White House cybersecurity adviser Michael Daniel said Feb. 5 that more clearly defining information sharing between the public and private sectors might help allay privacy concerns about the practice.
"Information sharing" is shorthand for the sharing of cyber threat data between and among private firms and government agencies, and is the centerpiece of legislation that has long stalled on Capitol Hill. With a term like information sharing, "people can conjure up all sorts of things that it might be," Daniel said on a Feb. 5 webinar hosted by Bloomberg Government.
Limiting the information shared to cyber "threat indicators" such as routing information and IP addresses is one way to protect privacy in the process, the Obama administration has argued.
Large-scale hacks like the one revealed Feb. 4 of health-insurer Anthem Inc. bring "a renewed focus to the problem both on the Hill and within the executive branch," Daniel said, adding: "I am trying to make the most of the phrase: Never let a good crisis go to waste."
Daniel said he was optimistic Congress and the White House could find common ground on information-sharing legislation.
GIGO is alive and well
Federal agencies relying on data aggregation and analytics to enhance citizen services and understand social, scientific and financial trends. Given the meteoric rise in the uses of data aggregation, as well as a growing reliance on its methods, accuracy is paramount.
But in a startling increase from last year, 1,200 respondents to a global study believe 26 percent of their data is inaccurate, GCN reports. In the United States, 32 percent of respondents made that assessment.