Air Force consolidates Microsoft contracts to improve security

By

The U.S. Air Force consolidated 38 contracts for Microsoft software and nine support contracts into two enterprise-wide agreements, a move it says will improve security and save money.

The consolidation will result in three standard configurations that enforce strict security policies for all Microsoft desktop and server software, Air Force CIO John Gilligan said in a press conference Friday.


In addition to improving security, the consolidation will save the service more than $100 million over six years, he said.

Currently, the Air Force has thousands of different software configurations, and patching them is a complicated and time-consuming process that involves a lot of manual work, Gilligan said.

"It takes months, literally, in some cases. In that intervening period, we do have instances where someone uses an automatic attack and disrupts our system. The root cause is that system hasn't been patched yet," he said. "Probably about once a week, there is some disruption."

Having standard configurations will allow the service to automatically push out patches, Gilligan said.

The Air Force is working with Microsoft to develop the configurations from benchmarks developed by the Center for Internet Security. They will be designed to meet specific Air Force needs and all Air Force personnel will be required to use them.

www.pentagon.af.mil

 

 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Researchers demo AI-crippling GPUHammer attack

Researchers demo AI-crippling GPUHammer attack

Qantas obtains court order to prevent third-party access to stolen data

Qantas obtains court order to prevent third-party access to stolen data

Google Gemini for Workspace vulnerable to prompt injection attacks

Google Gemini for Workspace vulnerable to prompt injection attacks

Log In

  |  Forgot your password?