The Defense Department is opening an investigation to determine if the tech giant’s use of overseas engineers to maintain sensitive U.S. government computer systems compromised national security.
U.S. personnel with security clearances supervise foreign engineers, including those in China
Again, working on a codebase doesn’t give you access to the production systems. Neither does being Chinese affect whether you are a reliable third party contractor.
If the workers were supervised and the supervisors were competent, there was no real security risk. Both of those are the big “Ifs” though. And that’s why doing layers of outsourcing creates risks regardless of who you’re outsourcing to.
The supervisors did not have the expertise to know what the foreign workers were doing, otherwise there would not have had to be 2 workers in the first place. And the foreign workers were not just writing code - they were doing sysadmin. On DoD systems.
I don’t know how to make any more clear to you but it’s completely obvious to anyone that actually understands these things that this was terrible opsec, and obviously not how any reasonable person would expect a DoD contract to be managed.
I’m sorry but you just straight up don’t know what incident is being discussed here. Go look it up instead of talking about unrelated bullshit.
Again, working on a codebase doesn’t give you access to the production systems. Neither does being Chinese affect whether you are a reliable third party contractor.
If the workers were supervised and the supervisors were competent, there was no real security risk. Both of those are the big “Ifs” though. And that’s why doing layers of outsourcing creates risks regardless of who you’re outsourcing to.
The supervisors did not have the expertise to know what the foreign workers were doing, otherwise there would not have had to be 2 workers in the first place. And the foreign workers were not just writing code - they were doing sysadmin. On DoD systems.
I don’t know how to make any more clear to you but it’s completely obvious to anyone that actually understands these things that this was terrible opsec, and obviously not how any reasonable person would expect a DoD contract to be managed.
If that’s the case, then the work should be in house