Cloud Security: Selected Agencies Need to Fully Implement Key Practices

Home / Articles / External / Government

Source: Shutterstock
Source: Shutterstock

May 30, 2023 | Originally published by U.S. Government Accountability Office on May 18, 2023

The U.S. Department of Agriculture (USDA), the Department of Homeland Security (DHS), the Department of Labor (DoL), and the Department of Treasury have not fully applied cloud security practices, according to a new report from the Government Accountability Office (GAO).

The report, which was released on May 18, finds that USDA, DHS, Labor, and Treasury varied in their efforts to implement the six key cloud security practices. Those are defined security responsibilities; documented identity, credential, and access management (ICAM) policies and procedures; implemented continuous monitoring; defined security metrics; addressed Federal Risk and Authorization Management Program (FedRAMP) requirements; and documented procedures for incident response and recovery.

Focus Areas