Skip to main content

Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing

GAO-10-855T Published: Jul 01, 2010. Publicly Released: Jul 01, 2010.
Jump To:
Skip to Highlights

Highlights

Cloud computing, an emerging form of computing where users have access to scalable, on-demand capabilities that are provided through Internet-based technologies, reportedly has the potential to provide information technology services more quickly and at a lower cost, but also to introduce information security risks. Accordingly, GAO was asked to testify on the benefits and risks of moving federal information technology into the cloud. This testimony summarizes the contents of a separate report that is being released today which describes (1) the models of cloud computing, (2) the information security implications of using cloud computing services in the federal government, and (3) federal guidance and efforts to address information security when using cloud computing. In preparing that report, GAO collected and analyzed information from industry groups, private-sector organizations, and 24 major federal agencies.

Full Report

GAO Contacts

Office of Public Affairs

Topics

Access controlComputer resources managementComputer securityComputer security incidentsComputer security policiesCyber securityFederal agenciesInformation accessInformation managementInformation resources managementInformation securityInformation systemsInformation technologyInternal controlsInternetRisk assessmentRisk factorsRisk managementStandardsTechnology