Report: Federal Reviewers Criticized Microsoft's Cloud Security as Inadequate, Yet It Was Approved Anyway
A recent report by ProPublica reveals that cybersecurity evaluators within the federal government raised serious concerns about the security of **Microsoft's** Government Community Cloud High (GCC High) offering in late 2024. Despite these concerns, the product was authorized by the Federal Risk and Authorization Management Program (**FedRAMP**), raising questions about the security of sensitive government data.
## Microsoft's Cloud Security Under Scrutiny
According to a **ProPublica** scoop, federal cybersecurity experts expressed significant reservations about **Microsoft's** cloud computing services, specifically GCC High, designed to protect sensitive government information.
> The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by ProPublica.
> Or, as one member of the team put it: “The package is a pile of shit.”
The report highlights a multi-year struggle by **Microsoft** to adequately explain how it safeguards data within its cloud infrastructure. Reviewers cited a lack of detailed security documentation, hindering their ability to properly assess the overall security posture of the system.
## FedRAMP Approval Despite Concerns
Despite the critical assessment, **FedRAMP** granted authorization to **Microsoft's** GCC High. This decision is described as "highly unusual" and included a "buyer beware" notice to federal agencies considering the service. The approval allows **Microsoft** to continue expanding its government business.
The implications of this decision are significant, potentially exposing the federal government to increased cybersecurity risks if the security of **Microsoft's** cloud services cannot be adequately verified.