This article is more than 1 year old

Microsoft Office 365 Cloud has a secret lining

Hardened versions of apps and services can handle classified information for government

Microsoft's Office 365 Government Secret cloud – a special SKU of the suite that was first talked about almost a year ago when it was being reviewed by the US government for accreditation – has become generally available.

The move gives the software leviathan another cloud offering it can bring not only to agencies like the Department of Defense (DoD) and various intelligence community offices, but also US to federal partners and state and local governments.

The announcement comes after Microsoft was one of four major cloud service providers tapped by the DoD in December to share in a $9 billion multicloud contract for the Joint Warfighting Cloud Capability (JWCC) program. That program was the successor to the controversial – and eventually dumped – $10 billion Joint Enterprise Defense Infrastructure (JEDI) deal.

All four providers – Amazon Web Services (AWS), Google Cloud, and Oracle along with Microsoft – offer cloud services that rise to the level of what the DoD's Defense Information Systems Agency (DISA) calls the Impact Level 5 (IL5) – for data in unclassified national security systems. In Redmond's case, that means its Azure Government Secret and Top Secret services for storing and protecting high-level data. Each of the four has received provisional authorization from the DoD.

With the unveiling of Office 365 Government Secret cloud, Microsoft has an environment for IL6 – the top classification level.

Office 365 Government Secret cloud provides the cyber security capabilities needed for such highly sensitive operations. It goes beyond storing and protecting the information, according to Paul Lorimer, corporate vice president of Office 365 Enterprise and cloud engineering.

Paired with Azure Government Secret and Top Secret, the Office 365 Secret Cloud offering means that "national security mission leaders can use the full cloud experience to not only establish an infrastructure platform to collect, process, and operationalize data, but to enable cloud-based collaboration and communication in the classified environment," Lorimer wrote in a blog post.

"With highly sensitive data, it is vital to ensure data is secure and controlled across multiple applications, devices, and workloads," he wrote, adding that Microsoft got input from government agencies to create the secure infrastructure.

When it was announced in December, the delayed awarding of the JWCC contract put the final spike into JEDI – the massive DoD cloud program that called for a single provider to run the whole thing. A number of providers jostled for position, and Nadella's padawans eventually won the contract.

AWS and Oracle sued, claiming – among other things – that the Trump Administration tipped the scales in Redmond's favor. In 2021, the DoD abandoned JEDI and began to push forward with what would become the JWCC.

The contract for that program states the goal is to create "enterprise-wide, globally available cloud services across all security domains and classification levels, from the strategic level to the tactical edge." Each cloud provider is cleared to provide what's needed as it's needed.

None of the vendors are going to get rich off a contract that, if averaged between 2023 and 2028, will hit about $1.8 billion a year. However, having environments accredited by the DoD for classified and secret information means they can each pitch organizations with similar high-security needs.

In the highly competitive cloud space, every bit helps. According to Synergy Research Group, in the third quarter 2022, global spending on cloud infrastructure services hit $57 billion – more than $11 billion higher than the year before. AWS continued to be the dominant player, with 34 percent of the market, followed by Microsoft with 21 percent, and Google Cloud at 11 percent. ®

More about


Send us news

Other stories you might like