back to article Microsoft builds Uncle Sam custom versions of 365 and Azure Stack

Courting the lucrative government contract market, Microsoft has unveiled custom versions of Azure Stack and Microsoft 365 for the US government. Redmond says the Government editions of the two cloud platforms would feature special security and management options designed for US government agencies. For Microsoft 365, this …

  1. FozzyBear
    Mushroom

    and it shall henceforth be known as

    Mushroom cloud

    1. Anonymous Coward
      Anonymous Coward

      And it starts...

      And it starts...

      Secure* platforms for 'them', weak platforms for the rest of us. FU Microsoft.

      (To clarify: *Secure; as in Microsoft's sale pitch sense of the word, not mine)

      1. Anonymous Coward
        Anonymous Coward

        Re: And it starts...

        "Secure platforms for 'them', weak platforms for the rest of us. FU Microsoft."

        Still way stronger security than the alternative from Google. For instance both O365 key and data management are regional jurisdiction based, not control from anywhere like Google. Because Google are legacy OS based, they can't fully lock down data - you can't deny file system access to root in *nix.

  2. Doctor Syntax Silver badge

    They may be going after the US govt market but if they've any sense (admittedly a tall order) other govts world wide will be looking elsewhere, especially if the CLOUD act is passed.

    1. AMBxx Silver badge

      Do some reading!

      Azure Stack is about havine MS Azure in your own data centre. Nothing to do with hosting in the cloud as we currently understand it.

      It's be 'coming soon' for years. Whether it ever is released or is just there to prevent migration to competitors is another matter.

      1. Anonymous Coward
        Anonymous Coward

        Typical "Vaporware" strategy, typical for Microsoft, they even coined the term

        > Azure Stack is about havine MS Azure in your own data centre. Nothing to do with hosting in the cloud as we currently understand it.

        > It's be 'coming soon' for years. Whether it ever is released or is just there to prevent migration to competitors is another matter.

        It's a very typical evil tactics of Microsoft. They even coined the term "Vaporware".

        "In the computer industry, vaporware (brit. vapourware) is a product, typically computer hardware or software, that is announced to the general public but is never actually manufactured nor officially cancelled. "Vaporware" was coined by a Microsoft engineer in 1982 to describe the company's Xenix [unix] operating system."

        "US District Judge Stanley Sporkin was a vocal opponent of the practice during his review of the settlement resulting from "United States v. Microsoft Corp." in 1994. "Vaporware is a practice that is deceitful on its face and everybody in the business community knows it," said Sporkin. One of the accusations made during the trial was that Microsoft has illegally used early announcements. The review began when three anonymous companies protested the settlement, claiming the government did not thoroughly investigate Microsoft's use of the practice. Specifically, they claimed Microsoft announced its Quick Basic 3 program to slow sales of its competitor Borland's recently released Turbo Basic program."

        source: https://en.wikipedia.org/wiki/Vaporware

      2. Anonymous Coward
        Anonymous Coward

        Re: Do some reading!

        "Azure Stack is about havine MS Azure in your own data centre. Nothing to do with hosting in the cloud as we currently understand it."

        Well it is - it's hosting in your own private or hybrid cloud. So whatever you do in public cloud in Azure you can always choose to bring back on premises. Google and AWS simply don't have an equivalent solution.

        "It's be 'coming soon' for years."

        No it's been shipping for a while now:

        https://azure.microsoft.com/en-gb/overview/azure-stack/integrated-systems/

      3. Doctor Syntax Silver badge

        Re: Do some reading!

        "Azure Stack is about havine MS Azure in your own data centre. "

        And Windows 10 is about having Windows running on your own PC.

    2. Anonymous Coward
      Anonymous Coward

      "other govts world wide will be looking elsewhere, especially if the CLOUD act is passed."

      Microsoft already have a security model that blocks the ability for their US employees to access data in other jurisdictions without local data custodian approval - so they are one of the few suppliers that it probably isn't a problem for. Ditto the ability to bring and control your own encryption keys into Thales HSMs that are also locked down regionally.

      1. Doctor Syntax Silver badge

        "Microsoft already have a security model that blocks the ability for their US employees to access data in other jurisdictions without local data custodian approval"

        The only place I've read of this being used is in Germany. If it's deployed elsewhere they seem to have kept quiet about it. There's also a question of whether it would survive the CLOUD act whose purpose appears to be to make extra-territorial jurisdiction explicit.

        1. Anonymous Coward
          Anonymous Coward

          "The only place I've read of this being used is in Germany. If it's deployed elsewhere they seem to have kept quiet about it."

          No its across the board and well publicised. Do you really think say the UK military would be using them for 180K users if it wasnt?!

          https://docs.microsoft.com/en-us/information-protection/plan-design/plan-implement-tenant-key

          "As an additional protection measure, Azure Key Vault uses separate security domains for its data centers in regions such as North America, EMEA (Europe, Middle East and Africa), and Asia. Azure Key Vault also uses different instances of Azure, such as Microsoft Azure Germany, and Azure Government. "

  3. razorfishsl

    All the government data in a single area, protected by a single system.....

    What could possibly go wrong?

    1. seacook
      Devil

      Nothing is wrong

      The system will happily perform as designed. A future TITSUP is in the clouds.

  4. dan1980

    "Microsoft can quickly update its services to protect against threats, where many government agencies with on-premises environments may take weeks if not months to deploy patches in the event of an attack . . . Our ability to dramatically speed up the timeline can result in real ROI savings—and better protected citizen data—for our government cloud customers."

    It'll also help introduce bugs nice and quickly, too.

    1. Anonymous Coward
      Anonymous Coward

      And keep you on high alert by constantly shifting the UI around, a must for Government employees, especially those testing emergency broadcast SMSs.

  5. joed

    payback time?

    You've made all attempts to avoid paying for Windows license but now you'll pay MS tax. This is how they get you. Military industrial complex at its finest. And it's hard to tell who had whom in the pocket.

  6. Anonymous Coward
    Anonymous Coward

    So...they can patch the exploits the NSA/CIA know about, but leave the rest of us unawares and vulnerable?

    This could get confusing when they role the service out to other governments...

  7. doublelayer Silver badge

    And this is better why?

    I'll do my best not to argue for Linux here. I already know why they aren't using it. But I have to ask, why aren't they sticking with their old windows system (not old as in outdated, but old as in not cloud). Windows server's still a thing, and the government was fine enough with it before. I can see why Microsoft wants them on their new cloudy junk but why is the government going to go along with that because we know they will. Maybe there's a case for new Microsoft-ensured security (please wait a moment for the oxymoron detector to return to baseline) in low-end government services. Maybe, just maybe, it could have prevented things like the OPM hack. But I can't see any reason for DOD material to be put on systems like this. You're just asking for someone to get it. I think some people at hacking headquarters might already know that, so maybe they'll explain why this is a bad idea. Or maybe they will just let the seriously important departments go ahead with it. Have fun, China.

    1. Anonymous Coward
      Anonymous Coward

      Re: And this is better why?

      >> I'll do my best not to argue for Linux here. I already know why they aren't using it.

      Lack of easy integration, doesn't run most business software directly, high vulnerability counts to evaluate, lower performance on the same hardware, and poor enterprise management and security features in comparison out of the box would spring to mind for starters.

      >> why aren't they sticking with their old windows system (not old as in outdated, but old as in not cloud).

      Because the cost of ownership is lower over the long term to let someone else run the stack.

      1. doublelayer Silver badge

        Re: And this is better why?

        >>> I'll do my best not to argue for Linux here. I already know why they aren't using it.

        >Lack of easy integration, doesn't run most business software directly, high vulnerability counts to evaluate, lower performance on the same hardware, and poor enterprise management and security features in comparison out of the box would spring to mind for starters.

        That's why I said "I already know why they aren't using it.". Thanks for the summary, anyway. Some of those points are quite logical. Others are less so, but I'm going to stick with my not-arguing-about-Linux stance here.

        However, your point of cloud being superior because cost is lower...I don't agree. Not only do we have to conclude that that is an appealing argument to the government, who don't appear to care a ton about cost given their history in computing purchases (and everything else), but we also have to conclude that buying equipment, hiring admins, and properly securing everything is more expensive than buying Microsoft-set-up equipment, paying Microsoft's admins, hiring the smaller set of admins to manage the systems because you still need that, and still securing the systems. I know that you get some economies of scale here, but you lose a little of it via Microsoft's dedicated data center. However, my main point is that, while it might be cheaper from a cash standpoint, it might be more expensive from a security and management standpoint. I'm not sure if you can even calculate that in correctly, but I'm quite sure they're not trying.

  8. Anonymous Coward
    Windows

    It just works

    My 4000 users can’t get enough of Office 365, evergreen Win 10/Office 2016 and Intune managed phones. Taxi for BOFHs!

    1. Anonymous Coward
      Anonymous Coward

      Re: It just works

      Ah, the never ending loading circle and 10 seconds to copy a cell in O365. The W10 updates tested by the users not Microsoft's inhouse department. And Intune which doesn't like Windows phones.

      The fun never stops.

      1. Anonymous Coward
        Anonymous Coward

        Re: It just works

        "the never ending loading circle and 10 seconds to copy a cell in O365"

        I think you are deluded by a fake FUD story. All business editions of O365 include a full local install of Microsoft Office so document navigation performance is identical to any other full version office user. And C&P of a cell is generally instant.

        "And Intune which doesn't like Windows phones."

        Again - more untrue FUD - Intune works with Windows Phone 8.1 and later just fine.

        1. Anonymous Coward
          Anonymous Coward

          Re: It just works

          "I think you are deluded by a fake FUD story. All business editions of O365 include a full local install of Microsoft Office so document navigation performance is identical to any other full version office user. And C&P of a cell is generally instant."

          Not deluded but real-life examples. I know O365 first hand not from someone else's story.

          While it includes local installation it's not always in use. For example shared domain account to log in to the desktop and then using O365 apps.

          "Again - more untrue FUD - Intune works with Windows Phone 8.1 and later just fine."

          Eeerr.. no. Not only it doesn't like Windows Phones it has problems with Apple's DEP integration.

          1. Anonymous Coward
            Anonymous Coward

            Re: It just works

            "While it includes local installation it's not always in use. For example shared domain account to log in to the desktop and then using O365 apps."

            What? A shared account is a a security fail. If you have O365 then you have a corporate account linked to O365 and you would use that - via RunAs if needed. If you are ever using the web-apps except out of choice then you are doing it wrong.

            "Not only it doesn't like Windows Phones it has problems with Apple's DEP integration."

            Works fine here on several hundred iphones. And numerous Windows phones before that.

        2. Anonymous Coward
          Anonymous Coward

          Re: It just works

          "All business editions of O365 include a full local install of Microsoft Office" that your IT department can (for some reason) prevent you from getting.

          1. Anonymous Coward
            Anonymous Coward

            Re: It just works

            "that your IT department can (for some reason) prevent you from getting."

            I have been involved in numerous O365 roll-outs. The number that used the webapps by default for end user desktops / VDI / laptops / tablets / mobiles so far is zero. Why would you unless using some exotic device without a native Office version?! Could i suggest that the problem is your IT department! That being said, the webapps are perfectly useable and extremely responsive in a fast browser like Edge or recent versions of Chrome. You can use cutdowns for free at https://products.office.com/en-gb/office-online/documents-spreadsheets-presentations-office-online

            1. Anonymous Coward
              Anonymous Coward

              Re: It just works

              "Could i suggest that the problem is your IT department!"

              You can indeed, do not ask me why this decision has been made, it is far above my head and beyond my concern. I stopped worrying about what my company doesn't let me do long ago.

              The point I was making is that the local install isn't always an option for everyone.

  9. Wolfclaw

    With any luck, Windows As A Disservice should not get as many borking patches, as Uncle Sam will have beta tested them !

  10. adam payne

    The package bundles Windows 10, Office 365, and Enterprise Mobility + Security with Microsoft's secure government cloud service - an isolated data center run by accredited staff intended solely for use by the US government.

    One data center, what could go wrong?

    1. Anonymous Coward
      Anonymous Coward

      "One data center, what could go wrong?"

      No, there are a minimum of two for any Azure / O365 cloud offering including these.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like