The Register: Pentagon ends Microsoft’s use of China-based support staff for DoD cloud

Aug 29, 2025

—

Source URL: https://www.theregister.com/2025/08/29/pentagon_ends_microsofts_use_of/
Source: The Register
Title: Pentagon ends Microsoft’s use of China-based support staff for DoD cloud

Feedly Summary: ‘It blows my mind,’ says SecDef
The Pentagon has formally kiboshed Microsoft’s use of China-based employees to support Azure cloud services deployed by US government agencies, and it’s demanding Microsoft do more of its own digging to determine whether any sensitive data was compromised. …

AI Summary and Description: Yes

Summary: The Pentagon’s decision to halt Microsoft’s use of China-based employees for Azure cloud services highlights growing concerns about data security in government-backed cloud solutions. This move underscores the critical nature of compliance and security oversight in cloud computing.

Detailed Description: The Pentagon’s intervention regarding Microsoft’s Azure cloud services is significant as it emphasizes the increasing scrutiny of cloud providers’ supply chains. This situation is particularly relevant for security and compliance professionals who oversee data security in cloud environments.

– **Pentagon’s Directive**: The Department of Defense has formally banned Microsoft from employing workers based in China for support roles related to Azure, a cloud service widely used by government agencies.

– **Sensitive Data Concerns**: The Pentagon is requiring Microsoft to investigate further whether any sensitive information may have been compromised by the involvement of foreign staff, accentuating the risks associated with supply chain security in cloud computing.

– **Implications for Vendors**: This incident serves as a warning to cloud service providers regarding the necessity of maintaining stringent security protocols and monitoring for potential vulnerabilities related to offshore employment practices.

– **Regulatory Compliance**: As government agencies increasingly adopt cloud services, compliance with security standards and regulations becomes paramount to protect sensitive government data from foreign threats.

– **Strategic Oversight**: Security professionals must advocate for robust governance mechanisms to ensure that all partners in a cloud service supply chain maintain adequate security and compliance measures.

Overall, this situation encourages cloud service providers to re-evaluate their operational practices, particularly regarding overseas staffing and the potential implications for data security and regulatory compliance.

2 2025 5 a Act age AI All alt and art as at ated Azure Azure cloud backed based based employees based support Bi by C CERN chain China CI CIA Cloud cloud computing cloud environment cloud environments Cloud Provider cloud providers cloud service cloud service providers cloud services Cloud Solutions co Col compliance compliance measures compliance professionals compromised Computing concerns core critical D data data security de decision defense demand Department of Defense directive DoD e employment end environment environments for foreign threats g Gen GIS Go governance Governance Mechanism governance mechanisms government government agencies Government Data H high Highlight HR http HTTPS implications in incident information inter io Iron k l led Li low M man measures Micro Microsoft Monitor monitoring my N o of off offs on ons operation operational operational practices opt ory oS out over oversight partners Pentagon per potential practices pro professionals protocol protocols ps Q R rag rate RCE re Regulation regulations regulatory regulatory compliance Risk risks Ro Role RoT row s sec security security and compliance security oversight security professionals security protocols security standards sensitive data sensitive information service service provider service providers services Sig size sizes SoC solutions source SSO staffing standards STIG strategic supply supply chain supply chain security supply chains support T ted the threat threats to Tor TP UI under up US US government use V val vendor vendors vulnerabilities Wi workers z