Microsoft Changes Cloud Support Practices for U.S. Defense Clients
Microsoft has announced it will stop allowing engineers based in China to use its Azure Cloud Services to provide support for U.S. defense clients. This decision comes after an investigation raised national security alarms about the company’s previous arrangements, which involved support for the Pentagon and other key defense systems by these engineers operating from a nation labeled hostile.
A recent report noted that Microsoft was using China-based engineers to maintain the U.S. Department of Defense’s computer systems. This could expose sensitive military information to cybersecurity threats, which understandably raises concerns.
According to a prior report by another source, Microsoft’s reliance on these engineers had been to minimize U.S. oversight. They believed that this strategy was necessary to remain competitive in the Pentagon’s cloud computing sphere. However, this practice might have left critical military data vulnerable to espionage from China.
The current system employs U.S. workers designated “digital escorts,” tasked with overseeing these foreign engineers, acting as a firewall against harmful activities. But, as noted by the earlier report, these escorts often lack the advanced technical competencies to monitor the foreign talent effectively. Some of them, even veterans, may not have extensive backgrounds in software engineering and reportedly earn near the minimum wage.
Frank Shaw, Microsoft’s Chief Communications Officer, stated that the company’s support practices for U.S. government clients have been updated. The adjustments mainly impact its Azure Cloud Services division, which analysts believe generates over 25% of the company’s revenue—larger than Google Cloud but smaller than Amazon Web Services.
The report highlighted that U.S. digital escorts oversee Microsoft’s Chinese engineers. Concerns have arisen regarding the U.S. workers’ generally lower technical expertise compared to their international counterparts, which could create weaknesses vulnerable to cyber threats. The Secretary of Defense has critiqued the setup as outdated, particularly given today’s digital threats.
Initially, Microsoft had reassured that its employees were well-versed in U.S. government regulations, but due to recent concerns, they are taking prompt measures to revise their practices. Shaw mentioned the company’s commitment to providing secure services for the U.S. government in coordination with national security partners.
The Department of Defense is also engaged in identifying similar concerns and will take necessary steps to enhance the protection of cloud services. As digital threats evolve, it’s crucial for companies like Microsoft to remain alert and proactively address vulnerabilities, especially for sectors as sensitive as defense.
