Audience: Public Sector Contracting & Procurement | Government, DoD, Aerospace IT Executives
A large portion of Microsoft’s Premier/Unified support is outsourced and delivered by foreign nationals. For many Federal agencies, Defense contractors and Aerospace enterprises, this introduces unnecessary risk of data exfiltration, ransomware and espionage.
“Inserting foreign nationals into the country’s (USA) technical support supply chain is irresponsible and poses a needless risk to our intellectual property and national security.”
— Robert E. LaMear IV, FOUNDER, US CLOUD
Microsoft does have a limited pool of active security clearance Designated Support Engineers (DSE) available at ultra-premium rates for their Federal Cloud customers’ IT projects. However, MSFT will not contractually commit that all Premier/Unified support tickets will be handled by US citizens, putting many agencies and contractors out of compliance. Fortunately, these agencies now have the ability to cut their MSFT support cost and receive superior support with US Cloud.
With Government, DoD or Aerospace IT systems, security is of paramount concern.
As previously mentioned, Microsoft is unable to guarantee a foreign national will not provide Microsoft support services to its government clients. In December 2019, the massive Microsoft support data breach resulted in thousands of Microsoft Premier Support customers system information, logs and tickets being exposed. There is a good chance that some of the system intel gleaned from the data breach increased the success of several recent high profile Microsoft hacks in 2021.
To be fair to Microsoft, who outsources a good portion of its Premier/Unified support overseas, it seems likely that the Premier support data breach was caused by an outsourcing partner overseas, and not Microsoft proper. There were 3 big takeaways from the Microsoft Premier Support data breach:
The Pentagon has a communicated expectation for military superiority on land, air, sea, space and cyber. The Joint Warfighter Cloud Capability (JWCC) program will enable the DoD to rapidly modernize systems and leverage cloud, machine learning and AI for mission success.
The Pentagon could use US Cloud’s IT support sovereignty to extend military superiority to the Microsoft support supply chain for JWCC and other DoD active security environments. US Cloud will contractually guarantee that all encrypted support logs and tickets remain in the USA and all support personnel working help desk tickets are rigorously screened US citizens.
US Cloud Premier support for all Microsoft technologies delivers 4x faster response times than MSFT as well as the only financially backed SLAs in the industry. All Federal, state and local government clients enjoy the benefits of support superiority in addition to significant budget savings. The US State Department saved 38%. The US Department of Labor saved 42%. The Environmental Protection Agency saved 53% and $7.5M over the next five years with sovereign support at US Cloud.
Microsoft is addressing the DoD’s requirement for data sovereignty and making sure that its US Federal cloud data centers are manned only by screened US citizens. However, Microsoft does not guarantee that when a DoD entity picks up the phone for an Office 365, Azure or other Microsoft issue, that the person on the other end of the phone is not a foreign national.
Microsoft Azure for Government Cloud Adoption Framework
US Cloud plays a key role in the sustainment phase of the Azure for Gov to service DoD, Federal, state, local and aerospace entities.
And while most issues covered under Microsoft Premier (Unified) Support are fairly routine and not agency critical, there can and will be incidents that expose sensitive information to support personnel.
It is irresponsible to needlessly risk a foreign national working a Microsoft Azure Gov Cloud support ticket and possibly causing irreparable harm.
Microsoft Premier (Unified) support services is increasingly using third party providers (including but not limited to Wipro and Tata) to augment their own team. DoD, Federal, Intelligence, State/Local Government and Aerospace organizations have found that contractually, Microsoft will not guarantee that a foreign national will not answer the support line or work their tickets. Many are switching from Microsoft to US Cloud to better protect their mission, constituents and budget.
In April 2019, Indian information technology (IT) outsourcing and Microsoft Premier (Unified) support provider Wipro (NYSE: WIT) was hacked. The story was broken by Krebs on Security. Sources claim that the remote access tool ScreenConnect was used in March 2019 to compromise Wipro systems and then pivot to attack Wipro customers in the US and other countries. The source of the attack is still unknown however an interesting transaction took place in the same month that the Wipro data breach story broke.
Foreign nation state risk – On April 4, 2019, the government of India sold “enemy” shares in Wipro worth approximately $166 million. According to this article in The Business Standard, enemy shares are so called because they were originally held by people who migrated to Pakistan or China and are no longer Indian citizens.
“A total of 44.4 million shares, which were held by the Custodian of Enemy Property for India, were sold at Rs 259 apiece on the Bombay Stock Exchange,” The Business Standard reported. “The buyers were state-owned Life Insurance Corporation of India (LIC), New India Assurance and General Insurance Corporation LLC.”
Foreign nation state attacks – The June of 2019 announcement of Cloud Hopper attacks compromised several prominent providers including Tata, a commonly used 3rd party staffing extension of Microsoft Premier (Unified) support services. Reuters originally reported on the attack. Tata has refused comment. A US indictment is now pending and the Chinese Ministry of State Security is suspected as the source of the attack.
Reuters sources said the attacks were ongoing from 2014-2017 and aimed at global IT outsourcing providers with the sole goal of stealing commercial secrets from their clients. Coincidentally, in 2014, Tata was sued by Epic Systems in the USA for intellectual property theft and lost a judgement for $420M.
The fight over a cloud computing project does not appear to be completely over yet. The Pentagon said in the press release that it still needs enterprise-scale cloud capability and announced a new multivendor contract known as the Joint Warfighter Cloud Capability (JWCC).The agency said it plans to solicit proposals from both Amazon and Microsoft for the contract, adding that they are the only cloud service providers that can meet its needs. But, it added, it will continue to do market research to see if others could also meet its specifications.
“The mission needs have been our primary driver on this,” said DOD Acting Chief Information Officer John Sherman.
The Pentagon said its cloud vendor for the new contract will have to meet several criteria, like working on all three classification levels (i.e. unclassified, secret or top secret), be available around the world and have top-tier cybersecurity controls.
The agency said it expects the new contract value to be in the multibillions, though it is still determining the maximum value. It expects the contract to last up to five years, including a three-year performance base period and two, one-year option periods.
The Pentagon expects the JWCC to “be a bridge to our longer-term approach,” Sherman said. He said the department expects to make the direct rewards through the contract around April 2022 and open a broader competition as soon as 2025.
Microsoft support outsourced to vendors overseas are typically identified on emails as a V-dash. If you see a V-dash Microsoft email working your Premier/Unified support ticket, your data, ticket and support personnel are most likely outside the USA, and jeopardizing your organization’s compliance.
V-dash: A vendor who works with Microsoft who may also have a temporary Microsoft email address preceded by the “V-” prefix. Also called a “Green Badge” for the color of their physical badges issued by Microsoft when on the company campus.
JWCC is good example of how outsourced support at Microsoft could endanger your organization’s mission as well.
Scenario 1 Minimal Impact: A foreign national working for Microsoft via its 3rd party offshore outsourcers, and supporting the Joint Warfighter Cloud Capability (JWCC) program via its Microsoft Premier (Unified) Support contract with DoD, receives a “mission-critical” severity support ticket and purposefully delays the resolution process by hours or days. At a minimum, slowing the operational velocity of DoD, but at most threatening missions of deployed warfighters. The “Microsoft employee” with a v-card then passes along the Root Cause Analysis (RCA) to the nation state of their true employ to create a framework for future cyber attacks on JWCC.
Scenario 2 Moderate Impact: A foreign national working for Microsoft via its 3rd party offshore outsourcers, says he needs remote access to DoD systems to troubleshoot and is granted privileges. The “Microsoft employee” with a v-card then uses the access to either compromise the environment by planting malware or syphons sensitive data to the nation state of their true employ.
Scenario 3 Severe Impact: A foreign national working for Microsoft via its 3rd party offshore outsourcers, has gained remote access to JWCC systems and is slowly and stealthily mapping its failover model. The “Microsoft employee” with a v-card then uses this model and is poised to activate dormant and undetected malware to steal credentials and take down a portion of JWCC or all of JWCC limiting the DoD’s ability to detect or respond to a larger coordinated cyber or military attack on the United States.
DoD, Federal, Intelligence, State/Local Government and Aerospace organizations are all encumbered with technical debt and legacy systems. They must modernize and invest in new technologies to move their missions forward.
US Cloud immediately returns 30-50% of Microsoft Premier (Unified) Support expenses to the budget in year 1. Since Microsoft Unified is driven primarily by MSFT cloud consumption growth, 5-year forecasts reveal even more savings with US Cloud.
Typical savings years 2-5 are over 250%. It’s not uncommon for larger organizations to see 300% + savings over 5 years and millions of dollars freed up to invest in innovation and drive missions forward.
US Cloud Premier Support for Government serves the needs of: Federal government, state government, local government, aerospace, healthcare/hospitals, education/schools and Research labs.
eProcurement: SAP Ariba, GSA, Exostar
US Cloud Business Profile: Certified Small Business registered with SAM.gov, MPIN 86137652R, SBA Office Code 0768, DUNS# 78-462-6355, NAICS 541511, PSC AJ26, CAGE 4XKR3, NIGP 920-45-84, Country 189, Congressional district 02, Metro statistical area 7040
Contract Vehicles: NASPO, GSA, GWAC, IDIQ
Background Checks: DD254, DHS E-Verify