Like Countable?

Install the App
TRY NOW

house Bill H.R. 4505

Bringing the DOD into the Cloud

Argument in favor

Cloud computing is the future of organizations like the Department of Defense that use mountains of data. This bill will hep the DOD build a cloud-based security system that isn’t pocked with weak spots.

Argument opposed

Cloud security will be impossible to guarantee for the DOD’s massive computing infrastructure and countless classified documents. Not to mention, shifting to the cloud is a HUGE undertaking that the DOD isn't ready for.

bill Progress


  • Not enacted
    The President has not signed this bill
  • The senate has not voted
  • The house has not voted
      house Committees
      Intelligence and Emerging Threats and Capabilities
      Committee on Armed Services
      Committee on Oversight and Reform
    IntroducedApril 28th, 2014

What is House Bill H.R. 4505?

This bill would order the Comptroller General and the Chief Information Officer of the Department of Defense (DOD) to assess the Department’s cloud security needs.

Security is an increasing concern for cloud computing, which is a system where computing is done over a network of shared devices that are often accessed remotely. Cloud computing is attractive to industries and governments that frequently store and share large amounts of data. But its reliance on remote servers make data vulnerable to security breaches.


To determine the security requirements for the DOD’s cloud computing system, this bill would direct the Comptroller General to review cloud security practices used by other federal agencies and commercial entities. The Comptroller would also evaluate to what extent the DOD relies on cloud computing and to introduce cloud services wherever they aren’t being used.


The Chief Information Officer of the DOD would have several responsibilities related to cloud security:

  • Calculating the minimum security requirements needed for cloud storage of DOD information.
  • Assessing whether commercial cloud services have security measures that meet DOD standards.
  • Requiring all DOD cloud systems to be certified and accredited through the same process that commercial vendors use.
  • Conducting an analysis of the Defense Information Systems Agency that will be working with the commercial service providers developing the DOD’s cloud security.
  • Briefing the relevant Congressional committees within 30 days of any pilot demonstrations.

Impact

The Department of Defense, the Department’s current cloud services, the Comptroller General, and the Chief Information Officer of the DOD.

Cost of House Bill H.R. 4505

A CBO cost estimate is unavailable.

More Information

In-Depth:

Cloud computing is an attractive option for the Department of Defense, which spends a large chunk of funds on maintaining data on conventional servers. Several supporters of the bill note that the DOD has started putting unclassified data in cloud storage, which is cheaper and easier to manage.


Currently, many federal workers are wary of the security measures offered for cloud services. A survey found that 89 percent of federal IT professionals are reluctant to shift their data to cloud computing, and only one in five said they were completely confident in the security offered by their cloud vendor. This fear has been exacerbated by the recent theft of hundreds of nude photos of young female celebrities from cloud storage accounts.


Sponsoring Rep. Niki Tsongas (D-MA) noted that a comprehensive review of cloud security options will help the DOD find the best ones for fending off cyber attacks and safeguarding sensitive state data:

“Modern warfare requires modern technology and America must focus on remaining at the forefront innovation. In order to do so, the DOD must more effectively take advantage of technological advancements, such as cloud technology, but do so in a safe, efficient way.”

Media:

Sponsoring Rep. Derek Kilmer (D-WA) Press Release

GovInfoSecurity

NextGov

(Photo Credit: Wikimedia user Jeremy L. Wood)

AKA

DOD Cloud Security Act

Official Title

To direct the Comptroller General of the United States and the Chief Information Officer of the Department of Defense to assess the cloud security requirements of the Department of Defense.

    There are currently no opinions on this bill, be the first to add one!