Hold on to your hats people, the MoD's found the cloud The Ministry of Defence has inked the single largest Microsoft Enterprise Agreement across the public sector, designed to gradually shift users to the cloud, specifically Office 365. The EA was tendered under Lot 2 of the Technology Products agreement, a framework that kicked off in November last year, and Comparex beat …
"That said shouldn't the government here be more careful than to use a US based service"
With Office 365 you can make sure your data is only stored in a specific region. Europe for instance.
"when the US response to the concern of non-US citizens/organisations being spied upon is little more than 'screw you'"
Microsoft has rolled out data encryption with "bring your own keys" HSM encryption based on military grade Thales HSM systems to store certificates without Microsoft or anyone you don't want having access to them...For the MOD to be using this clearly they are happy that it's secure.
Microsoft has rolled out data encryption with "bring your own keys" HSM encryption based on military grade Thales HSM systems to store certificates without Microsoft or anyone you don't want having access to them
I just hope that the MoD aren't relying on this 'HSM in the cloud' that Microsoft seem to provide. Otherwise they're still relying on hardware provided by and run by a 3rd party.
http://www.informationweek.com/cloud/infrastructure-as-a-service/microsoft-matches-amazon-with-cloud-crypto-key-storage/d/d-id/1318548
"I just hope that the MoD aren't relying on this 'HSM in the cloud' that Microsoft seem to provide. Otherwise they're still relying on hardware provided by and run by a 3rd party."
It doesn't matter too much who runs the hardware as it is designed not to allow unauthorised key access by any party. So short of stealing the hardware from a secure datacentre, slicing up the chips and looking at them under an electron microscope it's pretty secure . No doubt the UK military would have obtained suitable assurances on this from Thales...
Picture with article: One of those twin rotor choppers was flying circuits round Selly Oak/QE Hospital a month or so ago. Low and people looking out the windows. Very impressive - the rotors go amazingly slow given the scale of the thing. I'm assuming it was an exercise of some kind.
Back on topic: presumably low risk traffic on the cloud. They would just use project names for anything sensitive ("RE: steampunk - starting positions now please")
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
