The Defense Department has tightened cybersecurity requirements for its cloud services providers. The changes come after ProPublica revealed how Microsoft’s use of China-based engineers left sensitive government data vulnerable to hacking.
  • Lvxferre [he/him]@mander.xyz
    22·
    21 hours ago

    If I were in charge of the defence department of a government, there’s no way I’d ever allow closed source software to even touch machines with sensitive data. Or even pre-compiled software. Because the problem is not what you see, like personnel; it’s what you don’t, like bribery and backdoors.

    Let alone use “cloud” computing. Come on… it’s someone else’s computer.

    • TehPers@beehaw.orgEnglish
      11·
      20 hours ago

      Bribery and backdoors? Which government are we talking about here? Those are features.

    • m-p{3}@lemmy.ca
      4·
      20 hours ago

      Cloud computing I agree, at least until we figure out homomorphic encryption.

      For cloud storage it’s not as bad, as long as you control the keys and the provider doesn’t see them then you can be fairly confident the data is safe.

      • Lvxferre [he/him]@mander.xyz
        2·
        17 hours ago

        Even then, for cloud storage; cryptography is an additional layer of protection, but all this data should be kept offline as much as reasonably possible.