The latest CSRB report heavily criticizes the cloud security practices of one of the federal government's biggest technology suppliers.