Technical Data
The mission of Microsoft’s Government Security Program (GSP) is to build trust through transparency and provide agencies with the security information to protect their nation and citizens. Since the program’s inception in 2003, Microsoft has provided visibility into our technology and security artifacts which governments and international organizations can use to help protect themselves and their citizens from security threats. The Technical Data offering provides security assurance evidence via access to a broad range of confidential technical information (exclusive of source code), allowing participating agencies to evaluate the trustworthiness and establish a degree of confidence in of Microsoft products and services.
Access Enablement
Have assurance questions? Need access? GSP participants can use the Technical Data offering to request information, examine resources, and ask questions about Microsoft’s products and services. Access to a broad range of confidential information includes:
- Written materials such as documentation to internal white papers, architecture documents, and compliance reports
- Direct dialogue with Microsoft engineers or security experts through coordinated meetings by the GSP team
- Early access to documentation about Microsoft’s products and services
Technical Trips
In-person focused conversations with Microsoft engineers and security experts to cover security questions and geared towards providing participants with a greater degree of confidence in Microsoft products and services. Technical trips are deep technical conversations (held in a meeting setting) with Microsoft product groups about specific security topics of interest. To plan and facilitate these, the GSP team works closely with the agency to understand the security assurance goals and assist with selecting the best Microsoft engineering teams to meet with the agency. Technical trips are accommodated based on Micrsoft engineering team availability.
Use Cases
- Instances of documentation not broadly released about Microsoft’s products and services. Review security content related to Microsoft’s cloud services
- Engagements with engineers in many different formats including Technical Adoption Programs (TAP)
- Cloud service security, privacy and compliance documentation such as audit reports and risk assessments
- Common Criteria evaluation documents for Windows
- Opportunities for focused conversations, such as technical trips and executive briefings. Trip sample topics:
- Cyber Threat Intelligence (DCU)
- Vulnerability/Incident Response Process
- Product Security Features
- Telemetry
Contact Us
Contact your local Microsoft representative to learn more about the Government Security Program