FedRAMP Clears Microsoft’s GCC High Despite Flaws, Concerns
🚨 An internal late-2024 government report reviewed by ProPublica found that Microsoft’s Government Community Cloud High lacked “proper detailed security documentation,” leaving evaluators with “a lack of confidence” in assessing the platform. One reviewer called the package “a pile of shit.” Despite those findings, FedRAMP authorized the product with a buyer-beware notice, a decision that helped Microsoft expand a multibillion-dollar federal cloud business.
