A federal program created to protect the government against cyber threats authorized a sprawling Microsoft cloud product, despite the company’s inability to fully explain how it protects sensitive data.
  • “Cloud First”: To move federal agencies to the cloud, the government created a program known as FedRAMP, whose job was to ensure the security of new technology.
  • Security Breakdown: ProPublica found that FedRAMP authorized a Microsoft product called GCC High to handle sensitive government data, despite years of concerns about its security.
  • Potential Conflict of Interest: The government relies, in part, on third-party firms to vet cloud technology, but those firms are hired and paid by the company being assessed.
  • 4am@lemmy.zipEnglish
    51·
    1 day ago

    Tell that to literally every hospital, medical provider, and insurer in the United States.

    They’re all using AWS, and OneDrive.

    • IchNichtenLichten@lemmy.wtfEnglish
      4·
      22 hours ago

      That’s news to me. Every time to vendor tries to get me to switch to their cloud product I tell them to get lost. I’m not willingly handing over patient data to these clowns, I’ve seen how bad they are at security.

    • atomicbocks@sh.itjust.worksEnglish
      4·
      1 day ago

      I am a software developer who does custom EMR software specifically because the places I work for can’t use the cloud. But okay I will try…