The Centers for Medicare and Medicaid Services journey to the cloud is about to take a big step forward.
CMS is developing a new approach to better manage how the agency is moving more systems and applications to software-as-a-service…
“We’re trying to figure out what’s the best way to manage SaaS products, track and also evaluate the risk of those SaaS products. So when I say discovery, that’s where we are right now. We identified a tool that will help us manage the discovery of SaaS in our environment,” [Shawnte Singletary, the deputy director of the Division of Security and Privacy Compliance in the Office of Information Security and Privacy Group at CMS] said at a recent event sponsored by the Digital Government Institute. “With that discovery, we would love to evaluate those SaaS products, categorize them and make sense of what their usage are because we don’t want to call out things as unsanctioned if everybody’s using it and therefore it’s not shadow IT. We’ve got to understand who’s using it, why are they using it and what type of sensitive data is going in it.” … Read the full article here.
