Technology

2517 readers

7 users here now

Tech related news and discussion. Link to anything, it doesn't need to be a news article.

Let's keep the politics and business side of things to a minimum.

Rules

No memes

founded 11 months ago

MODERATORS

rimu@piefed.social

Federal cyber experts called Microsoft's cloud a "pile of shit," approved it anyway (arstechnica.com)

submitted 1 month ago by rimu@piefed.social to c/technology@piefed.social

3 comments fedilink hide all child comments

FedRAMP first raised questions about GCC High’s security in 2020 and asked Microsoft to provide detailed diagrams explaining its encryption practices. But when the company produced what FedRAMP considered to be only partial information in fits and starts, program officials did not reject Microsoft’s application. Instead, they repeatedly pulled punches and allowed the review to drag out for the better part of five years. And because federal agencies were allowed to deploy the product during the review, GCC High spread across the government as well as the defense industry. By late 2024, FedRAMP reviewers concluded that they had little choice but to authorize the technology - not because their questions had been answered or their review was complete, but largely on the grounds that Microsoft’s product was already being used across Washington.

you are viewing a single comment's thread
view the rest of the comments

[–] UninvestedCuriosity@lemmy.world 12 points 1 month ago (1 children)

This is exactly how ITIL intended right?

[–] Bobby_shmurda@sh.itjust.works 2 points 1 month ago

Lol