Pentagon: $10 billion cloud contract that snubbed Amazon was legal

Amazon | April 16, 2020

The Pentagon's process for awarding a highly lucrative cloud computing contract to Microsoft instead of Amazon was in line with legal and government purchasing standards, a government watchdog agency said Wednesday. The Defense Department inspector general found no evidence of White House interference in the contract award process. But the report said investigators could not fully review that aspect of the matter because the White House would not allow unfettered access to witnesses. The contract, potentially worth $10 billion, was awarded to Microsoft last October, prompting tech rival Amazon to cry foul.

Spotlight

Security is top of mind for local government IT professionals. In fact, the National Association of State CIOs called it out, along with risk management, as the No. 1 technology priority for 2018 in a survey released in November. To gauge where agencies lie when it comes to security, the Public Technology Institute conducted a poll of local government IT officials on cyber and network security late last year and compiled the results into this infographic.

Spotlight

Security is top of mind for local government IT professionals. In fact, the National Association of State CIOs called it out, along with risk management, as the No. 1 technology priority for 2018 in a survey released in November. To gauge where agencies lie when it comes to security, the Public Technology Institute conducted a poll of local government IT officials on cyber and network security late last year and compiled the results into this infographic.

Related News

EMERGING TECHNOLOGY, CYBERSECURITY

Ermetic Initiates U.S. Federal Government FedRAMP Authorization for Authority to Operate

Ermetic | September 15, 2022

Ermetic, the cloud infrastructure security company, today announced that it has initiated the process to achieve Authority to Operate (ATO) status under the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The company also announced the appointment of Ben McGucken as regional vice president of sales for US Federal and Latin America, who will lead the company’s FedRAMP certification. In addition, the Ermetic cloud security platform now supports AWS GovCloud (US) and Azure for US Government – which are designed to address specific regulatory and compliance requirements of US government agencies at the federal, state, and local level that run sensitive workloads in the cloud. The company has engaged stackArmor, Inc, a leading provider of FedRAMP engineering and advisory services, to guide Ermetic through the FedRAMP ATO process. stackArmor and its team of experts have over a decade of experience assisting cloud service providers to ensure their solutions meet compliance standards including FISMA, FedRAMP and NIST. “We are pleased to partner with Ermetic on their FedRAMP journey toward an ATO, stackAmor's ThreatAlert is an integrated suite of security and compliance services deployed within the accreditation boundary. This also includes continuous monitoring designed to help companies like Ermetic reduce the level of effort and costs while accelerating the FedRAMP process.” -Martin Rieger, Chief Solutions Officer for stackArmor. Federal, state and local governments are using the cloud to provide better services for constituents, but need to address security risks, especially those associated with preventing breaches, detecting issues rapidly, and protecting personal information, said Shai Morag, CEO of Ermetic. Ermetic is embarking on the FedRAMP process to provide every level of government with a comprehensive solution for cloud native application protection. Ben McGucken joined Ermetic from data security vendor BitGlass where he was AVP of Sales for South and Latin America. He has also served in senior sales roles with ExtraHop, Palo Alto Networks and Layer 3 Communications. “Ermetic already supports AWS GovCloud and Azure for Government for customers that want to conduct proof of concept evaluations, As we move through the FedRAMP authorization process, government agencies can feel confident that the Ermetic platform is designed to meet the regulatory and compliance requirements they must comply with for cloud workloads.” -Ben McGucken regional vice president of sales for US Federal and Latin America. About Ermetic: Ermetic helps prevent breaches by reducing the attack surface of cloud infrastructure and enforcing least privilege at scale in the most complex environments. The Ermetic SaaS platform provides comprehensive cloud security for AWS, Azure and GCP that spans both cloud infrastructure entitlements management (CIEM) and cloud security posture management (CSPM). The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra and Target Global.

Read More

GOVERNMENT BUSINESS, GOVERNMENT FINANCE

Long County, Georgia Selects Springbrook's Cirrus Cloud ERP Financial Platform

Springbrook Software | October 04, 2022

Long County, GA is the latest local government agency to move from an on-premises solution to Springbrook's Cirrus Cloud Financial platform. The platform is designed from the ground up specifically for small to medium sized local government agencies. The town is utilizing Springbrook's fully integrated Cirrus Cloud ERP suite including Utility Billing, Finance, Cashless Payments, Municipal Payments and Cash Receipts. Long County sought a robust and secure ERP that could scale as their projected needs grow over the next few years and selected Springbrook after reviewing several other market offerings. "Springbrook fulfills our needs and will provide our citizens with the modern experience that they demand." -Bernice Johnson, Finance Director of Long County, GA. Springbrook is actively working with many small to medium sized municipalities in the southeast. The flexibility of the Springbrook cloud platform provides local government agencies with superior protection against cyber-attacks, the ability to work from anywhere, and will enable the County's personnel to effectively run their entire administrative operation safely from any browser. Cirrus is a true cloud-based system that does not require downloading any additional software for access. "We have invested a tremendous amount into building an entirely new platform with the goal of bringing the most powerful cloud-based solutions to small and medium sized municipalities. We are solely focused on this market segment and have been for over 35 years. Springbrook is constantly expanding our solution suite to deliver new and innovative products, like Advanced Capital Budgeting and Mobile Work Orders. Our goal is to make it as easy as possible for local agencies do their jobs efficiently and securely." -Robert Bonavito, CEO Springbrook. About Springbrook Software: Springbrook Software is the country's leading cloud-based finance and administration software provider designing solutions specifically for small to medium sized local government agencies. Nearly 2000 cities, towns and districts from coast to coast use our suite of modern, high-performance solutions to manage their finances, payroll, utility billing and collect citizen payments. Springbrook is headquartered in Portland, Oregon with regional presence in over 40 states, and seven countries internationally. About Long County, GA: Located in southeast Georgia, Long County occupies 400 square miles of the Atlantic Coast Flatwoods. The county is bordered by Liberty, McIntosh, Tattnall, and Wayne counties, and its entire southwestern boundary runs along the Altamaha River.Long County, designated in 1920 from lands in Liberty County. Long County, historically and currently, is a rural, agricultural area. The principal farm crop was once cotton, but by the 1970s it had been replaced by tobacco, corn, soybeans, and cattle. The pine forests of the region have always played an important role in the economy. As of the 2020 United States census, there were 16,168 people, 5,695 households, and 4,146 families residing in the county.

Read More

CYBERSECURITY

UK Government Approves Nine Entrust Solutions for G-Cloud 13 Program, including nShield as a Service

Entrust | November 08, 2022

Entrust, a global leader in trusted payments, identities and digital infrastructure, has had nine of its cloud and associated support services approved for the G-Cloud Framework. This platform enables public bodies in the UK to procure commodity-based, pay-as-you-go cloud services on government-approved, short-term contracts through an online catalogue called the Digital Marketplace. This streamlined procurement process supports the UK government’s ‘Cloud First’ policy and is a key component in the government's ambition to operate a cloud-native digital architecture. The Entrust services that are available on the latest iteration of the framework, G-Cloud 13 are as follows: Entrust nShield as a Service – cloud Hardware Security Modules Public Key Infrastructure (PKI), as either: Managed PKI – A bespoke & dedicated PKI without the need for in-house expertise PKI as a Service (PKIaaS) – Cloud based turnkey PKI SSL Certificates (through our partner Conosco) Identity as a Service (IDaaS) – Identity & Access Management with a broad array of authenticators Managed Certificate Hub – Certificate Lifecycle Management for public and private Certificate Authorities in your enterprise Managed Root Certificate Authority – high assurance Root of Trust for your PKI Managed Microsoft PKI – A managed bespoke and dedicated PKI within Azure Cloud support consultancy – design, onboarding, cryptography and PKI health checks for Entrust G-Cloud services The need to authenticate the identity of people, systems and things is challenging and growing. With the launch of G-Cloud 13, and the inclusion of these nine services from Entrust, government departments and agencies in the UK Public Sector can leverage these solutions to enable secure transactions. As an annually revised platform, G-Cloud 13 will go live on 9 November 2022 and is due to end at 23:59 on the 8 November 2023. Specifically, the addition of nShield as a Service to this roster facilitates UK public sector organizations moving their infrastructure into the cloud while maintaining control of their data security with master keys protected in a hardware security module (HSM), as is best practice. “The UK Government G-Cloud program is a way for public sector organisations to purchase cloud based IT solutions from approved, secure providers. Many of these organisations are looking to move as much of their infrastructure into the cloud as possible and need many of the Entrust cloud solutions to support the security requirements. With Entrust cloud solutions, we give you the capability along with the comfort that, strong controls and governance are consistently applied.” -Robert Hann, Vice President of Centre of Expertise for Entrust Digital Security Solutions. Entrust delivers UK Public Sector organisations G-Cloud approved solutions that ensure that you have a robust, secure and scalable combination of solutions to meet your data protection requirements. This cloud-native framework can help customers who are seeking to reduce their on premises data centre footprint and have more flexibility by replacing big capital outlay with a more predictable and flexible subscription payment model. Furthermore, with a selection of managed and “as-a-Service” solutions from Entrust, customers who are lacking the in-house expertise to manage their identity management or data protection solutions can safely leave it to the experts at Entrust.. About Entrust: Entrust keeps the world moving safely by enabling trusted experiences for identities, payments, and digital infrastructure. We offer an unmatched breadth of solutions that are critical to enabling trust for multi-cloud deployments, mobile identities, hybrid work, machine identity, electronic signatures, encryption and more. With more than 2,800 colleagues, a network of global partners, and customers in over 150 countries, it’s no wonder the world’s most entrusted organisations trust us.

Read More