That may be how Microsoft would like to portray it but I disagree.

A production system is a system that is operated to serve its actual purpose rather than being used as a development or testing environment.

From the point of view of in-house IT, the company's email server is a production system. It is what they produce for their in-house customers.

That is how it has been defined at every SAAS company I have worked for. When someone says there is an outage in production, it means your product.

In the context of an outage at a service provider this slightly sloppy language is sufficient to convey all relevant meaning.

In the current context, this language is part of a pattern to carefully choose words in such a way as to downplay what has happened.

As I said, the work of the CEO, the cybersecurity team and the legal team is part of the overall production process at a software company.

Okay, but then why also not consider chairs breaking in the office to mean part of the production is down? Or a coffee machine?

If my coffee machine suddenly stopped working it would definitely have a detrimental effect on production. I can guarantee you that :)

But in general I would say routine janitorial maintenance issues don't have quite the same potential to affect production as Russian criminals reading the email of Microsoft's cybersecurity team.

The only defintion that matters is the practical definition that most people would think of, not what the “book” says. Whenever someone tells me “production is down” I think that customers are screwed. If they told me our internal email servers are down, I would smack them in the head cause my stress levels went up for nothing. Internal servers is not production.

But we're not talking about a service outage. In the context of an outage at a service provider I might agree with you.

In this instance, a system used by the cybersecurity team to do its actual job was breached - not some development or testing server.

We don't know what it was exactly that these attackers were looking for or what they found. But it is absolutely possible that the information they gained enables them to protect an ongoing or future attack against Microsoft's customers.

I think I disagree but we might be in agreement based on your thoughts… internal servers that are in the path of data pipelines that customers need are also production. For example, let’s say you have a warehouse and there is some way to manage inventory in there. No customer goes into Microsoft dynamics themselves. However, this Microsoft dynamics is production because our customers rely on the data this provides.

It doesn’t matter to customers if Microsoft teams is down and we are talking to each other internally using iMessage and signal but anything that is in the data path is production.

> Internal servers is not production.

I’m going to take a wild guess here and say you don’t really run any kind of system. “Internal is not production” is the weirdest statement I have heard in a long time.

Of course these systems are production. Not only production, but _P1_ level production.

If the blog post was written by their internal IT team, you’d be totally justified in reading “production” to include their internal systems.

No. Whether or not a system runs in production as opposed to a testing/development environment is not a question of who is writing a blog post.

Microsoft produces software and services. The communications of their CEO as well as their cybersecurity and legal teams is part of that overall production process.

Test environments serve the production purpose of testing software.

That's pure sophistry.

A system used by the cybersecurity team for its day to day work was breached by attackers constantly trying to break into customer systems.