Microsoft’s Cloud meets Defence standards


Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

Microsoft Cloud staff have their chests bursting with pride with the announcement that they’ve met some US Dept. of Defence standards.

The blog posting is headed How the Office 365 U.S. Government Cloud meets the regulatory and compliance needs of the Department of Defense which sounds impressive.  Regular Office-Watch.com readers won’t be surprised to learn that it’s not as great as it might seem.

The compliance does NOT mean Microsoft’s cloud offerings are ‘secure’ for the Pentagon.  You won’t (or shouldn’t) see missile launch codes or troop deployment orders on Microsoft’s servers.

The certification is for “Controlled Unclassified Information (CUI).” – note the word Unclassified.

That’s not to say getting the ‘Security Requirements Guidelines (SRG) L5 and L4 controls’ is easy – it’s not.  The extra requirements are there for some US government contracts and not standard business cloud customers.

Due Diligence Checklist

Microsoft has also released a ‘Due Diligence Checklist‘ for customers to compare cloud services.  Much is made of international standard ISO/IEC 19086.

We hate to bang on about this, but it’s always worth keeping in mind that Microsoft isn’t bound by their promises or standards.  They are only tied to their own terms and conditions of service.  The company has a track record of reading customers data for their own self-interest and there’s nothing to stop them doing it in the future.

subs profile e1563205311409 - Microsoft's Cloud meets Defence standards
Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address