{"id":2385,"date":"2026-04-09T11:05:02","date_gmt":"2026-04-09T11:05:02","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/"},"modified":"2026-04-09T11:05:02","modified_gmt":"2026-04-09T11:05:02","slug":"on-microsofts-lousy-cloud-security","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/","title":{"rendered":"On Microsoft\u2019s Lousy Cloud Security"},"content":{"rendered":"<div>\n<p>ProPublica has a <a href=\"https:\/\/arstechnica.com\/information-technology\/2026\/03\/federal-cyber-experts-called-microsofts-cloud-a-pile-of-shit-approved-it-anyway\/\">scoop<\/a>:<\/p>\n<blockquote>\n<p>In late 2024, the federal government\u2019s cybersecurity evaluators rendered a troubling verdict on one of Microsoft\u2019s biggest cloud computing offerings.<\/p>\n<p>The tech giant\u2019s \u201clack of proper detailed security documentation\u201d left reviewers with a \u201clack of confidence in assessing the system\u2019s overall security posture,\u201d according to an internal government report reviewed by ProPublica.<\/p>\n<p>Or, as one member of the team put it: \u201cThe package is a pile of shit.\u201d<\/p>\n<p>For years, reviewers said, Microsoft had tried and failed to fully explain how it protects sensitive information in the cloud as it hops from server to server across the digital terrain. Given that and other unknowns, government experts couldn\u2019t vouch for the technology\u2019s security.<\/p>\n<p>[\u2026]<\/p>\n<p>The federal government could be further exposed if it couldn\u2019t verify the cybersecurity of Microsoft\u2019s Government Community Cloud High, a suite of cloud-based services intended to safeguard some of the nation\u2019s most sensitive information.<\/p>\n<p>Yet, in a highly unusual move that still reverberates across Washington, the Federal Risk and Authorization Management Program, or FedRAMP, authorized the product anyway, bestowing what amounts to the federal government\u2019s cybersecurity seal of approval. FedRAMP\u2019s ruling\u2014which included a kind of \u201cbuyer beware\u201d notice to any federal agency considering GCC High\u2014helped Microsoft expand a government business empire worth billions of dollars.<\/p>\n<\/blockquote>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>ProPublica has a scoop: In late 2024, the federal government\u2019s cybersecurity evaluators rendered a troubling verdict on one of Microsoft\u2019s biggest cloud computing offerings. The tech giant\u2019s \u201clack of proper detailed security documentation\u201d left reviewers with a \u201clack of confidence in assessing the system\u2019s overall security posture,\u201d according to an internal government report reviewed by [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[990,90,292,384,991,53],"tags":[91],"class_list":["post-2385","post","type-post","status-publish","format-standard","hentry","category-cloud-computing","category-cybersecurity","category-microsoft","category-national-security-policy","category-security-theater","category-uncategorized","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>On Microsoft\u2019s Lousy Cloud Security - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"On Microsoft\u2019s Lousy Cloud Security - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"ProPublica has a scoop: In late 2024, the federal government\u2019s cybersecurity evaluators rendered a troubling verdict on one of Microsoft\u2019s biggest cloud computing offerings. The tech giant\u2019s \u201clack of proper detailed security documentation\u201d left reviewers with a \u201clack of confidence in assessing the system\u2019s overall security posture,\u201d according to an internal government report reviewed by [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-09T11:05:02+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"On Microsoft\u2019s Lousy Cloud Security\",\"datePublished\":\"2026-04-09T11:05:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/\"},\"wordCount\":229,\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"cloud computing\",\"Cybersecurity\",\"Microsoft\",\"national security policy\",\"security theater\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/\",\"name\":\"On Microsoft\u2019s Lousy Cloud Security - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-04-09T11:05:02+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"On Microsoft\u2019s Lousy Cloud Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"On Microsoft\u2019s Lousy Cloud Security - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/","og_locale":"en_US","og_type":"article","og_title":"On Microsoft\u2019s Lousy Cloud Security - Imperative Business Ventures Limited","og_description":"ProPublica has a scoop: In late 2024, the federal government\u2019s cybersecurity evaluators rendered a troubling verdict on one of Microsoft\u2019s biggest cloud computing offerings. The tech giant\u2019s \u201clack of proper detailed security documentation\u201d left reviewers with a \u201clack of confidence in assessing the system\u2019s overall security posture,\u201d according to an internal government report reviewed by [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-04-09T11:05:02+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"On Microsoft\u2019s Lousy Cloud Security","datePublished":"2026-04-09T11:05:02+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/"},"wordCount":229,"keywords":["Cybersecurity"],"articleSection":["cloud computing","Cybersecurity","Microsoft","national security policy","security theater"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/","name":"On Microsoft\u2019s Lousy Cloud Security - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-04-09T11:05:02+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/09\/on-microsofts-lousy-cloud-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"On Microsoft\u2019s Lousy Cloud Security"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2385","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=2385"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2385\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=2385"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=2385"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=2385"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}