IGs and cloud, smartphones and predators, and more
News and notes from around the federal IT community.
IGs seek consistency, access in agency cloud deals
Federal agencies aren't taking the investigative or audit needs of inspectors general into account when entering into deals with cloud service providers, according to a September report from the IG community.
After reviewing 77 cloud contracts that were active in fiscal 2014 and represent a total value of $1.6 billion, the Council of the Inspectors General on Integrity and Efficiency found that 34 contracts did not include requirements for data preservation, and 61 did not allow investigators unfettered access to cloud service providers' systems for criminal probes and other purposes. Additionally, 54 contracts did not give IGs access to documentation, databases and facilities for inspections or investigations.
IGs need such access to investigate possible malfeasance on the part of federal employees and abuse of federal systems, and to audit security requirements for cloud systems under the Federal Information Security Management Act.
IGs want the Office of Management and Budget to take the lead on developing a template for agencies to follow when they develop requirements for cloud projects and write contracts with cloud service providers. The gaps in IGs' authority "occurred in part because there is not a single, authoritative source that specifies the requirements agencies should consider when procuring cloud computing services and that requires federal agencies to incorporate those requirements into cloud computing contracts," the report states.
IGs also want to put some teeth in the Federal Risk and Authorization Management Program to ensure that agencies comply with cloud safeguards established by OMB. The council's report states that 59 federal cloud systems were out of compliance with FedRAMP security requirements despite a June 5 deadline. The council recommends an improved reporting process to ensure FedRAMP compliance.
Finally, IGs want a better way for agencies to accurately inventory their cloud systems as part of continuous monitoring of federal networks.
ICE expands options for Operation Predator app
Immigration and Customs Enforcement has cast an even wider net to catch child predators by releasing Spanish and Android versions of its smartphone app designed to help locate suspected child predators.
The expansion comes a year after ICE introduced its Operation Predator app for Apple iPhones last September. Within 36 hours of the app's release, the agency had nabbed its first predator using information gathered via the app. Mark Robert Austin was sentenced in June to eight years in prison for downloading more than 100 images and possessing nearly a dozen child pornography videos.
The Apple iPhone version of the app has been downloaded more than 93,400 times since its launch in 2013, ICE said. On Oct. 7, officials announced that the app is now available for Android smartphones and in Spanish for both the Apple and Android versions.
According to the agency, the Spanish versions are built into iOS and Android applications and do not require additional downloads. Users who already have the iOS version will need to update the app or download it again from the Apple Store or iTunes.
Operation Predator allows users to receive alerts about wanted predators, share information with friends via email and social media, and provide online tips to the agency's enforcement arm, Homeland Security Investigations.
DOD acquisition official to join CSIS
Andrew Hunter, a key liaison from the Defense Department to Congress in the ongoing effort to reform the defense acquisition process, is leaving DOD to accept a position at the Center for Strategic and International Studies, a Washington-based think tank.
Hunter is currently director of the Joint Rapid Acquisition Cell in the Office of the Undersecretary of Defense for Acquisition, Technology and Logistics Frank Kendall.
Beginning in November, Hunter will be a senior fellow and lead a defense industrial research group at CSIS.
Kendall has said consolidating the many overlapping regulations that govern IT acquisitions was one of Hunter's chief tasks on Capitol Hill. A spokesperson for AT&L said the office does not have a replacement for Hunter at this time, but the position will be filled.