7
7
0
This scares me.
141844
Posted from nextgov.com
Information Technology
INFOSEC
Cybersecurity
Microsoft
Posted 7 y ago
Responses: 9
2
2
0
So, tin-foil theory -
Microsoft Azure is based on Linux and Microsoft joined the Linux F#@$ing Foundation last year.
Could this be a plan to more quickly destroy the reputation of security on Linux ?
Maybe I should look into how/if they use CSF/APF, etc..
SN Greg Wright, SSgt Mark Lines, SSG Derek Scheller
Microsoft Azure is based on Linux and Microsoft joined the Linux F#@$ing Foundation last year.
Could this be a plan to more quickly destroy the reputation of security on Linux ?
Maybe I should look into how/if they use CSF/APF, etc..
SN Greg Wright, SSgt Mark Lines, SSG Derek Scheller
(2)
(0)
SSG Derek Scheller
SGT (Join to see) - Both to be completely honest. Why would any of these agencies trust the cloud with this type of information as well? Are they saying that all these other companies can do a better job of segmenting things off and containing the information than we can? Although now that it is public, they can say goodbye to that possibility.
(2)
(0)
SSgt Mark Lines
SSG Derek Scheller I agree with you totally. Why would agencies like these want their data in the cloud? It makes no sense to me. Especially when we were always taught that the best way to secure data was with an Air Gapped computer, ie. not connected to a network. I can understand how having their computers networked would allow for easier co-ordination between people, but in my mind, the security concerns are not worth it.
SGT (Join to see) What is up with you and tin foil hats lately?
SGT (Join to see) What is up with you and tin foil hats lately?
(2)
(0)
SGT (Join to see)
SSgt Mark Lines - A lot of things not adding up over here.
MAJ Eric G Troup, I saw your profile view. Anything you'd like to amend?
MAJ Eric G Troup, I saw your profile view. Anything you'd like to amend?
(1)
(0)
MAJ Eric G Troup
Microsoft Azure is not based on Linux. It is based on Windows. About 40% of its internal functionality comes from Open Source Projects including Linux. For instance, SONiC and the Azure Cloud Switch (ACS) are based Linux. Both are now Open Source. 66% of new Tenant workloads are some flavor of Linux.
(0)
(0)
1
1
0
First thing, Azure is not built off of Linux.
Microsoft joined the Linux foundation to push DSC (desired state configuration) knowing full well if they don’t Windows Server is going to be replaced quickly by Linux.
Now that false info is out of the way.
The reason why Microsoft won the contract to hold Secret info is because the DOD and GOV sector quickly realized that Microsoft cloud’s uptempo of patching exploits and zero day is much quicker than their own cyber sec team. I believe it was a pretty decent call on the DOD side to offload their work on to MSFT.
Microsoft joined the Linux foundation to push DSC (desired state configuration) knowing full well if they don’t Windows Server is going to be replaced quickly by Linux.
Now that false info is out of the way.
The reason why Microsoft won the contract to hold Secret info is because the DOD and GOV sector quickly realized that Microsoft cloud’s uptempo of patching exploits and zero day is much quicker than their own cyber sec team. I believe it was a pretty decent call on the DOD side to offload their work on to MSFT.
(1)
(0)
1
1
0
Let us get up to date here on cloud and network technology and impacts on cybersecurity.
1. In the current era of SDN and NFV there is no practical difference anymore between "network" and a "cloud". A cloud is a logical assembly of resources over a distributed network of datacenters that can extend from the hyper-scale datacenter regions out to the mobile edge.
2. Public and Private Cloud are obsolete terms and misleading terms the way people say them today.
3. Physical location of a datacenter and data has nothing to do with cyber-security. Physical security, associated with physical possession, is different than cyber-security. DoD has not been able to keep up with Cybersecurity. They may have had guards around their facilities but they have been stolen blind by intruders.
4. No one owns their own network from the back office out to the edge. Not even DOD.
5. Microsoft spends a $ Billion + on cybersecurity each year. Starting in 2015 everyone began acknowledging Azure is amongst best at Cyber-Security. http://news.softpedia.com/news/microsoft-the-hacker-proof-company-firm-to-spend-1-billion-on-cyber-security-512257.shtml
6. Data is power because it drives knowledge, situational awareness. AI driven, real-time data analytics is a strategic weapon. Everything is being connected and analyzed. Keeping ALL systems off-line and isolated puts the U.S. at a strategic disadvantage.
7. Data in Azure can be encrypted during transit, in storage and while being computed on using keys held by the customer (DOD) so that not even Microsoft engineers have access to the actual data.
8. Azure is a Actualization Platform. DoD is a tenant running its own Business Platforms. Microsoft runs the cybersecurity at the Actualization Platform but DoD has to operate cybersecurity at their tenant systems level. Two different things. Putting on Azure simplifies DOD's tasks.
9. For more information see "The Growing Role of Platforms in Cybersecurity" published by the Army CyberSecurity Institute: http://cyberdefensereview.army.mil/Portals/6/Documents/CDR-SPRING2017.pdf?ver=2017-04-03-153622-317
1. In the current era of SDN and NFV there is no practical difference anymore between "network" and a "cloud". A cloud is a logical assembly of resources over a distributed network of datacenters that can extend from the hyper-scale datacenter regions out to the mobile edge.
2. Public and Private Cloud are obsolete terms and misleading terms the way people say them today.
3. Physical location of a datacenter and data has nothing to do with cyber-security. Physical security, associated with physical possession, is different than cyber-security. DoD has not been able to keep up with Cybersecurity. They may have had guards around their facilities but they have been stolen blind by intruders.
4. No one owns their own network from the back office out to the edge. Not even DOD.
5. Microsoft spends a $ Billion + on cybersecurity each year. Starting in 2015 everyone began acknowledging Azure is amongst best at Cyber-Security. http://news.softpedia.com/news/microsoft-the-hacker-proof-company-firm-to-spend-1-billion-on-cyber-security-512257.shtml
6. Data is power because it drives knowledge, situational awareness. AI driven, real-time data analytics is a strategic weapon. Everything is being connected and analyzed. Keeping ALL systems off-line and isolated puts the U.S. at a strategic disadvantage.
7. Data in Azure can be encrypted during transit, in storage and while being computed on using keys held by the customer (DOD) so that not even Microsoft engineers have access to the actual data.
8. Azure is a Actualization Platform. DoD is a tenant running its own Business Platforms. Microsoft runs the cybersecurity at the Actualization Platform but DoD has to operate cybersecurity at their tenant systems level. Two different things. Putting on Azure simplifies DOD's tasks.
9. For more information see "The Growing Role of Platforms in Cybersecurity" published by the Army CyberSecurity Institute: http://cyberdefensereview.army.mil/Portals/6/Documents/CDR-SPRING2017.pdf?ver=2017-04-03-153622-317
Microsoft, the Hacker-Proof Company: Firm to Spend $1 Billion on Cyber Security
Redmond announces investment of $1bn each year
(1)
(0)
Read This Next
Continue with Facebook 
Continue with Google