Feeds

Brazil makes it official: Gov email must be state-run and on-premises

NSA's influence waxes as President decrees we don't need no steeenking cloud

Internet Security Threat Report 2014

Brazil has followed through on its promise to make its government email open source and entirely- on-shore.

The nation's Diário Oficial da União, or official gazette for the English-speakers among you, yesterday contained a “Decreto anuncia medidas para adoção dos serviços de correio eletrônico oferecidos pela administração pública federal”, or “Decree for adoption of e-mail services offered by the federal public administration”.

After pushing the decree (PDF ) through two translation engines, the Reg believes the decree makes the following provisions:

  • Government data must be carried by a government organisation or an organisation in which the government is a shareholder, other than for mobile communications;
  • The government will create and operate its own email services;;
  • Facilities enabling audit of confidentiality, authenticity and integrity of the email system must be built in from the start;
  • Data must be stored in government facilities in Brazil;
  • Normal procurement practices are suspended in order to get this done without having to seek competitive bids and state-owned IT shops only need apply.

Brazil signalled the desire to implement its own secure email regime back in October, after deciding the NSA's shenanigans made it a national security imperative. Our reading of the decree suggests it's already in force, which presumably means sysadmins and security types are already hard at work trying to turn it into reality. ®

Beginner's guide to SSL certificates

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.