Amazon.com Inc. has delayed the deployment of Microsoft Corp. cloud-based Office Suite by one year as the two companies work to address Amazon’s focus on the security of email and productivity software. The tech giant signed a deal last year to provide Amazon employees with Microsoft 365, a cloud-based package that includes Word, Outlook, Windows and other software. Amazon has long used the version of Office installed on its own servers.
But Amazon paused its promotion after Microsoft discovered that a hacker group with Russia had obtained email accounts from some employees. After analyzing the software, Amazon asked for changes to prevent unauthorized access and to perform more detailed accounting of user activity in the application, some of which Microsoft also marketed as Office 365.
It’s an unusual fusion of events: a large number of commercial deals between two Seattle-area cloud-computer rivals, state-sponsored hackers and engineering collaborations could improve the security of the world’s most widely used office productivity software.
“We delved into the O365 and all the controls around, and we kept it all the time – like any service team inside Amazon, we fixed them on the same bar,” said CJ Moses, Amazon’s CIS officer. The team gave Microsoft Security Chief Charlie Bell, a former Amazon Engineering Director, a list of enhanced requirements that engineers at both companies have spent months making these changes.
“We believe we are a great place to redeploy next year,” Moses said in an interview at Amazon Web Services RE: Invent Conference last week. Microsoft declined to comment.
According to Business Insider, Amazon has pledged $1 billion (about Rs 848.21 crore) in five years to buy 365 Microsoft software with about 1.5 million employees. The deal puts Amazon the second largest private employer in the United States, behind Walmart, one of the largest buyers of Microsoft’s flagship cloud productivity suite.
Then, last fall, a hacker team called Midnight Blizzard attacked some of Microsoft’s corporate systems. The company revealed in January that the group eventually gained access to a “few” employee email account, including senior leaders and cybersecurity and legal workers. It was one of a series of mistakes that stimulated CEO Satya Nadella to announce the top priority of Microsoft.
Moses advised Amazon security chief Steve Schmidt and CEO Andy Jassy earlier this year that the company suspended promotions to give Microsoft a review of the losses and further investigations into Amazon time.
“At that time, Microsoft couldn’t tell us whether they drove (hackers) out of the environment.”
Moses said Amazon’s request includes modification tools to verify that users accessing the app are properly authorized and once in, track their operations in a way that Amazon’s automation system can monitor changes that may indicate security risks. Microsoft’s bundle, pieced together into separate products, includes different protocols for authentication and tracking users, some of which do not meet Amazon’s standards.
“We wanted to make sure everything was recorded and we could access that login in a near-realistic time,” Moses said. “That was part of the hang.”
Moses said Bell oversees Moses on AWS before heading to Microsoft in 2021, noting that Microsoft will enable other customers to provide enhanced functionality. He praised his former boss for his efforts.
“They’ve done Yoman’s work,” Moses said. “We gave them some very steep tasks.”
©2024 Bloomberg LP
(This story has not been edited by Tech Word News’s staff and is automatically generated from the joint feed.)
