DigiNews

Tech Watch by Johan Denoyer

← Back to articles

Federal Cyber Experts Thought Microsoft’s Cloud Was “a Pile of Shit.” They Approved It Anyway.

Quality: 9/10 Relevance: 9/10

Summary

ProPublica investigates FedRAMP's handling of Microsoft's GCC High cloud for federal use, revealing missing encryption diagrams, back-channel communications, and political pressure that led to authorization despite unresolved security concerns. The report portrays FedRAMP as a potential 'security theater' and highlights risks of relying on third-party assessors, with wider implications for government and contractor cybersecurity. It underscores the importance of robust, independent security documentation when adopting cloud and AI-enabled services.

🚀 Service construit par Johan Denoyer