Updating inside an oracle function
We agree entirely that the delta between the private sector’s use of technology and the government’s use of technology is too large.
The fact is that the efficiency, security, and both user and customer experience of private sector deployed technology is at least a decade ahead of the government.
I've found that some of the comments on this IT Modernization request were overly focused on the infrastructure level and not on the big picture of what needs improvement.
Cora Carmody September 20, 2017 Christopher Liddell Director, American Technology Council The White House 1600 Pennsylvania Avenue Washington DC 20500 Director Liddell: Oracle appreciates the opportunity to provide comments on the Administration’s plan to modernize the Federal Government’s information technology environment.
With respect to Appendix B: Principles of Cloud-Oriented Security, Oracle applauds the focus on Cloud-Oriented security; however, Oracle believes that the proposed model is simply re-creating the perimeter-based approach at the data center instead of taking a truly “data-centric” approach.
While the Appendix notes that this proposal is for agencies building applications on top of cloud infrastructure and does not apply to Software as a Service (Saa S), a better approach than replicating network-layer security in the cloud would be to build in the security functionality provided by commercial Saa S applications (or to simply acquire commercial Saa S applications).
Sincerely, Kenneth Glueck Senior Vice President Office of the CEO Oracle cover their tracks – are designed into these systems, allowing for strengthened compliance, alerting on anomalous activity, and, on a bad day, faster forensics.
We strongly commend the transparent and inclusive process employed by yourself, Jared Kushner, and Reed Cordish in all your work on the ATC.
Regarding the report, we applaud the general themes of 1) moving to cloud to transform the security and functionality of federal IT systems, 2) defend data, not just the network perimeter; and 3) consolidating services, where appropriate, to increase efficiency and reduce cost.
5) The focus in the Report on security seems out of sync with the threat USG systems face and the very substantial cost of data breach.
Data security frameworks have moved far beyond multi-factor authentication, to leverage control of data on a granular level, to protect against the insider threat and to utilize artificial intelligence to identify intruders and automate defenses.