Cloud computing, an emerging form of computing where users have access to scalable, on-demand capabilities that are provided through Internet-based technologies, has the potential to provide information technology services more quickly and at a lower cost, but also to introduce information security risks. Accordingly, GAO was asked to testify on the security implications of cloud computing. This testimony describes (1) the information security implications of using cloud computing services in the federal government; (2) GAO's previous reporting on federal efforts and guidance to address cloud computing information security; and (3) GAO recommendations and subsequent actions taken by federal agencies to address federal cloud computing security issues. In preparing this statement, GAO summarized its May 2010 report on cloud computing security and assessed agency actions to implement its recommendations.
Skip to Highlights