====== ITAR Compliance ======

https://www.bluecoat.com/resources/cloud-governance-compliance/manufacturing-and-defense-itar

https://support.mailroute.net/entries/36394163-ITAR-International-Traffic-in-Arms-Regulations-

https://support.mailroute.net/entries/98533857-ITAR-Compliance-FAQ-s

On June 3, 2015, the Department of State issued a Federal Register notice requesting comments on proposed amendments to the ITAR (ITAR, 22 C.F.R. Parts 120 – 130) that would revise certain definitions and update controls on the transmission and storage of technical data in the cloud. In particular, it proposed that data going to a cloud environment **would not be treated as an export** if it was:

  * **Unclassified**
  * **Secured using end-to-end data protection**
    * With the appropriate **encryption** strength
    * Using a secure implementation with the required policies and controls
  * **Not stored in a prohibited country**
  * **No access by non-US citizens**