Microsoft has moved to exclude engineers in China from working on the cloud services it provides to the US Department of Defense, days after saying that such global support personnel did not have direct access to its customers’ data or systems.
The company’s use of Chinese engineers to work on DoD infrastructure under the supervision of US-based “digital escorts” was uncovered in a report published by investigative news agency ProPublica last Tuesday.
By Friday, though, Microsoft had taken steps to prevent Chinese workers getting even that one-step-removed access to US DoD systems, said the company’s Chief Communications Officer, Frank X. Shaw.
“In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services. We remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed,” Shaw posted on X (formerly Twitter) late Friday.
Shaw did not say that that China-based engineering teams would be excluded from work on non-cloud-related Department of Defense projects, nor that they would be kept away from work for other US government departments or for governments of other countries.
The company had initially swept aside concerns about the use of Chinese worker on DoD systems, saying the global subject matter experts it relied on for support had no direct access to customer data or systems, and that they worked through authorized US personnel in accordance with US Government requirements and processes. “Only authorized US persons with the appropriate clearances and training provide direct support. These personnel are provided specific training on protecting sensitive data, preventing harm, and use of the specific commands/controls within the environment,” a company spokesperson said.
The company’s global support personnel — of which the Chinese engineers at issue are just part — work on DoD systems under the supervision of government-approved “digital escorts” but the escorts often lack the skills to monitor the work effectively, the July 15 report by investigative news service ProPublica said.
“We’re trusting that what they’re doing isn’t malicious, but we really can’t tell,” Propublica quoted one of the escorts as saying.
Source:: Network World