- “Cloud First”: To move federal agencies to the cloud, the government created a program known as FedRAMP, whose job was to ensure the security of new technology.
- Security Breakdown: ProPublica found that FedRAMP authorized a Microsoft product called GCC High to handle sensitive government data, despite years of concerns about its security.
- Potential Conflict of Interest: The government relies, in part, on third-party firms to vet cloud technology, but those firms are hired and paid by the company being assessed.
This isn’t surprising to me in the slightest. I’ve been part of a small team tasked with assessing products and services for larger enterprises before and they’d almost always look over our findings nod a bunch and then go with the company whose rep took them out to a fancy dinner or gave them kickbacks.