Federal cybersecurity experts gave Microsoft's Government Community Cloud High a scathing internal review, calling it a 'pile of shit' due to inadequate security documentation and lack of confidence in assessing its security posture. Despite Microsoft's cloud being implicated in two major cyberattacks against US agencies in recent years, the FedRAMP program authorized the product anyway. This approval raises serious concerns about government reliance on Microsoft's cloud services for sensitive national security information.
Background
FedRAMP is the US government's standardized approach to security assessment and authorization for cloud products and services. Microsoft's cloud services have been central to major cyberattacks by Russian and Chinese hackers targeting US government agencies in recent years.
- Source
- Ars Technica
- Published
- Mar 19, 2026 at 01:36 AM
- Score
- 8.0 / 10