Two Democratic House members are introducing legislation requiring separate assessments of the Defense Department’s cloud computing environment.
The Department of Defense Cloud Security Act, which will be introduced by Reps. Niki Tsongas (D-Mass.) and Derek Kilmer (D-Wash.), would require the DoD Chief Information Officer (CIO) to determine the security requirements for any cloud computing service the department uses. The bill would also require the CIO to assess whether security controls used in commercial cloud services and the cloud services of other federal departments meet the department’s requirements.
The bill would require the Government Accountability Office to review the best practices that other federal agencies and commercial cloud providers currently have for security, assess the cloud capacity of DoD and to what extent the department has adopted commercial cloud computing, and assess opportunities for DoD to used cloud computing.
“Modern warfare requires modern technology and America must focus on remaining at the forefront of innovation,” Tsongas said in a statement. “In order to do so, the DoD must more effectively take advantage of technological advancements, such as cloud technology, but do so in a safe, efficient way.”
The bill would also require the CIO ensure that any government cloud computing system go through the same certification and accreditation process used for commercial service providers.