"Discussions are underway to expand a recent standardized security management cybersecurity initiative between the Air Force and the Microsoft Corporation so that the results can be shared and applied in other government agencies at no additional cost for software if they are using the same product baseline as the Air Force," an official with the Office of Management and Budget said in a statement.
Last year, the Air Force worked out a deal with Microsoft to consolidate its many software contracts into three enterprise-wide agreements. The deal will produce three or four standard configurations that enforce strict security policies for all Microsoft desktop and server software. All Air Force personnel will be required to use the configurations.
Air Force CIO John Gilligan said in December that the Air Force was looking into whether the configurations, which will help streamline patching, could be used by other government agencies. As reported in SC Magazine the Air Force is hoping to save $100 million over the next six years.
According to the OMB official, the Air Force will make its secure configurations available to the Department of Homeland Security, which will share them with other federal agencies.
The Air Force deal with Microsoft advances a directive in the President's National Strategy to Secure Cyberspace which was to reduce and remediate software vulnerabilities, according to the OMB.