The Office of Inspector General of the Federal Deposit Insurance Corp. said the FDIC’s security controls in its cloud computing environment are not effectively implemented in five areas: identity and access management, cloud secret protection, patch management, flaw remediation and audit logging. The audit, conducted in partnership with Sikich, found six common themes of security weaknesses in the FDIC cloud platform, the OIG said Thursday. According to Sikich, the cloud platform teams did not consistently implement secure coding practices, configure cloud platform security settings per cloud service providers and industry best practices, or provision access to its cloud-based systems in
The post FDIC Fails to Effectively Implement Security Controls for Cloud Environment, OIG Says first appeared on Executive Gov.