Despite doubts, federal cyber experts approved Microsoft cloud service

“Internal FedRAMP reviewers flagged serious unresolved security issues. The service was approved anyway.”

ProPublica got the internal documents and the story is the usual one. Career security analysts wrote up the problems, political appointees overrode the recommendation, and the contract closed on schedule. Microsoft will continue to host the most sensitive workloads in the federal government on infrastructure its own reviewers said was not ready. The next breach is on the calendar. The accountability is not.