Federal Cybersecurity Reviewers Criticized Microsoft Cloud Security Documentation Before Approval
By
hn_acker
2mo ago· 32 min readenNews
100/100
Golden Brown
Bagelometer↗
Crackling crust, pillowy middle. The kind of bagel that earns a second cup of coffee.
Score100TypenewsSentimentnegative
Summary
Federal cybersecurity evaluators in late 2024 gave Microsoft's cloud computing offering a scathing review, calling it 'a pile of shit' due to insufficient security documentation and lack of confidence in assessing its security posture. Despite these serious concerns, the government approved the cloud product anyway, highlighting tensions between security requirements and bureaucratic pressures to adopt major tech platforms.
Key quotes
· 3 pulledThe tech giant's 'lack of proper detailed security documentation' left reviewers with a 'lack of confidence in assessing the system's overall security posture'
Or, as one member of the team put it: 'The package is a pile of shit.'
For years, reviewers said, Microsoft had tried and failed to fully explain how it protects sensitive information in the cloud
A federal program created to protect the government against cyber threats authorized a sprawling Microsoft cloud product, despite the company’s inability to fully explain how it protects sensitive data.
