The U.S. General Services Administration has struck a deal with Microsoft that makes Microsoft 365 Copilot free for eligible federal agencies for the first year—the latest in a string of eye-popping discounts under the OneGov initiative. But security experts and procurement watchdogs warn that the headline price hides long-term costs, vendor lock-in, and an uncomfortable pattern of rewarding a company still reeling from serious cybersecurity lapses.

Announced on Tuesday, the GSA-Microsoft agreement is part of the OneGov program, an aggressive effort to centralize federal IT purchasing and drive down costs through government-wide bargaining power. Microsoft’s package includes free Copilot access for agencies with G5 contracts, steep discounts on Azure cloud services, Dynamics 365, Entra ID Governance, and Microsoft Sentinel, and what the GSA projects as $3.1 billion in first-year savings—$6 billion over three years if widely adopted. Agencies can opt in through September 2026, with discounted pricing on some products extended up to 36 months.

The OneGov Bargain: What’s on Offer

Microsoft’s offering is the most extensive of the OneGov deals so far, bundling productivity, cloud, and security tools under a single government-wide vehicle. The centerpiece is the zero-cost first year of Copilot for qualifying G5 customers, a move that undercuts competitors’ already nominal pricing. Alongside the AI tool, the deal slashes costs for Azure infrastructure, waiving or reducing egress fees in certain contexts, and includes “substantial discounts in subsequent years” for the suite, though the precise post-promotional price structure remains opaque.

The deal also covers Dynamics 365 for enterprise resource planning, Entra ID Governance for identity and access management, and Microsoft Sentinel for security information and event management. Implementation workshops and adoption support are included to help agencies onboard quickly—a sweetener that mirrors the administration’s push to accelerate AI experimentation under the America’s AI Action Plan.

How Microsoft’s Deal Stacks Up Against Competitors

The OneGov program has become a race to the lowest headline number. OpenAI and Anthropic each offered a year of ChatGPT Enterprise and Claude, respectively, for $1 per agency. Google then undercut them with Gemini for Government at just $0.47 per agency for a year. Oracle secured a 75 percent discount on its products, and AWS inked a separate multi-year cloud discount deal. By offering Copilot for free, Microsoft has effectively set the price floor.

However, these promotional unit costs are designed to encourage rapid onboarding, not to reflect total cost of ownership. “Pricing this low is not about serving agencies – it’s about forcing dependence on a single vendor, hiding future costs, and squeezing out fair competition,” said Nicholas Chaillan, former Air Force and Space Force chief software officer and founder of Ask Sage, who has filed protests against the GSA awards to OpenAI and Anthropic. The short shelf life of most OneGov deals—many expiring in late 2026—raises the specter of an “adoption cliff,” where agencies face steep price hikes after the promotional period ends, with limited alternatives because of entrenched integrations.

The Security Paradox: Authorizations vs. Incidents

Microsoft has leaned heavily on its compliance posture to sell the deal, noting that many of the included services hold FedRAMP High authorizations and that Microsoft 365 Copilot has received provisional Department of Defense authorization, with FedRAMP High “expected soon.” Yet those certifications haven’t prevented a string of high-profile security failures.

Just days before the GSA announcement, the Pentagon formally barred Microsoft from using China-based engineers to support sensitive Defense Department cloud services—a practice Defense Secretary Pete Hegseth called “mind-blowing.” That followed last year’s breach of Exchange Online accounts used by senior federal officials, which former White House cyber policy director AJ Grotto labeled a national security threat. More recently, a critical SharePoint Server zero-day was exploited by suspected state-backed hackers to target a “major western government,” with Microsoft’s initial patch only “partially” effective.

“The Chinese are so well prepared and positioned on Microsoft products that in the event of hostilities, we know for a fact that Chinese actors will target our critical infrastructure through Microsoft,” Roger Cressey, a former senior cybersecurity advisor under presidents Clinton and Bush, told The Register. These incidents raise uncomfortable questions about whether FedRAMP authorizations are sufficient assurance when the operational reality includes unpatched vulnerabilities and questionable supply-chain practices.

Procurement Pushback: The $1 Trap and the Lock-In Cliff

Chaillan’s protests center on what he sees as a violation of federal acquisition rules: contracts awarded without open competition, terms that aren’t public, and pricing so low it effectively bars other vendors. “What looks cheap today will leave the government with higher costs, fewer options, and greater risk tomorrow,” he said. The GSA has not released full contract texts, making independent verification of terms impossible.

Beyond the immediate pricing, critics warn that Microsoft’s deep integration of Copilot into the M365 ecosystem—along with proprietary agent frameworks and data connectors—will make future migration costly. Agencies that invest in custom workflows, retrain staff, and build dependencies around free tools could face a multi-million-dollar exit bill when the promotional period ends. The lack of guaranteed data portability and contractual egress terms in the public announcements adds to the unease.

A Checklist for Federal IT Leaders

For CIOs and acquisition teams, the OneGov Microsoft offer presents a high-stakes balancing act. Practical steps can help manage risk while capturing genuine value:

  • Validate authorization paths meticulously. Map your agency’s data classifications and mission requirements to the exact FedRAMP or DoD authorization for the specific tenancy model, Copilot configuration, and geographic boundaries you will use. Vendor marketing claims are not a substitute for a P-ATO or ATO package.
  • Build multi-year total-cost-of-ownership models. Include not only subscription costs but integration labor, training, security monitoring, support, and exit migration expenses. Stress-test year-2 and year-3 price scenarios, and demand transparency on post-promotional rates.
  • Negotiate contractual portability and egress guarantees. Require explicit data export formats, timelines, and third-party migration assistance. An “off-ramp” clause is essential.
  • Run constrained pilots with human-in-the-loop controls. Use the free period to test real-world accuracy, security, and productivity gains against clear success criteria before scaling.
  • Insist on third-party security attestations and continuous monitoring. Supplement vendor assurances with independent audits, patching SLAs, and logging requirements written into the Statement of Work.
  • Maintain a multi-vendor strategy. Avoid single-supplier lock-in for mission-critical pipelines; design architectures that allow federated identity and layered services.

The Road Ahead: Uncertainties and Watchpoints

Several open questions will define the long-term impact of the Microsoft OneGov deal:

  • Contract transparency. The GSA’s refusal (so far) to release full contract language leaves agencies and watchdogs unable to assess risks fully. Chaillan’s protests could force disclosure and potentially reshape the terms.
  • Post-promotional pricing. When the initial free or deeply discounted period ends around September 2026, agencies will face a budget reckoning. Whether Microsoft extends discounts, renegotiates, or pushes prices back toward commercial levels will determine the real savings.
  • Security remediation and audits. The Pentagon’s ongoing investigation into Microsoft’s “digital escort” practices and the fallout from the SharePoint exploitation will influence how agencies view the vendor’s security claims. Any negative audit findings could complicate ATO processes.
  • Operational maturity of FedRAMP-authorized AI. As Copilot and Azure AI services move from provisional DoD authorizations to full FedRAMP High, agencies need to verify that the security controls keep pace with rapidly evolving AI features and agentic capabilities.

Bottom Line

The GSA-Microsoft OneGov agreement is a high-velocity experiment in using centralized purchasing to jump-start AI adoption across the federal government. Free Copilot and steep discounts can genuinely accelerate productivity and modernization if agencies approach them with discipline. However, the deal also amplifies long-standing trade-offs: nominal prices can mask future lock-in, security authorizations don’t eliminate operational risks, and a procurement model that rewards a vendor with a recent history of national-security lapses deserves scrutiny. For federal IT stewards, the incentive is real—but so is the need for old-fashioned skepticism, thorough due diligence, and a clear plan for life after the freebies end.