A couple of important releases last month mark a major milestone for the GCC High program. Most notably, Microsoft Cloud App Security and Azure Advanced Threat Protection (ATP) is now in general availability. This, combined with Microsoft Defender ATP, rounds out the Enterprise Mobility + Security E5 license.
Until now, we’ve been reluctant to recommend the E5 licenses because these services were not available. However, now that they are released, both new and renewing clients should consider the E5 license. Here’s a quick overview about each service:
Microsoft Cloud App Security is a “Cloud Access Broker (CASB) that supports various deployment modes including log collection and API Connectors.” What does that mean? Simply put, Microsoft Cloud App Security is an integration into Microsoft Azure security services with Microsoft and non-Microsoft cloud applications that provides a level of visibility not previously available through Microsoft. If you are unsure whether Microsoft Cloud App Security applies to your environment, consider the following questions:
Based on your answers to these three basic questions it should become clear why Cloud App Security becomes so valuable. Without it, implementing technical controls to monitor and control data flow as required by NIST 800-171 and the CMMC will be difficult at best.
Azure ATP “enables your organization to monitor users and behaviors and identify and investigate suspicious activities and advanced attacks.” Azure ATP has come a long way from the standalone product lines which included advanced spam filtering, Windows 10 anti-virus, and cloud security. Microsoft has connected the three product lines to produce a fully integrated solution. This translates into a service which identifies internal and external threats, and provides tangible security measures to identify, remediate, and report on any identified threats. Another significant feature of ATP is the ability to leverage its capabilities along with Cloud App Security to protect systems and data outside of the Microsoft 365 ecosystem. Azure ATP can integrate with many popular cloud applications to monitor for threats by leveraging how the Windows 10 endpoint is interacting with the cloud applications. which stem from Windows 10 endpoints, email, and the suite of Microsoft cloud apps such as SharePoint, OneDrive, and Teams.
As usual, there is not yet full feature parity between Commercial and GCC High. The EM+S for US Government service description provides some guidance as well as links to pages that provide detail on any gaps.
Despite the gaps, these services, along with Azure Information Plan 2 and Azure Active Directory Plan 2 combine to make the EM+S E5 license a really strong option to meet a host of both security and compliance needs.
At the Microsoft Ignite conference they also announced some new updates to Teams in the GCC High environment:
The most exiting update is the ability to share externally to both the GCC and Commercial clouds. Up until this point, there was no easy way to share with people outside your organization. Admins will also be very excited about the E-discovery features, and the new admin center to manage their Teams, which provides them with the ability to start archiving Teams that are no longer active. These changes to Teams continue to show Microsoft’s pledge to align the GCC High environment with the features that are in the Commercial cloud.
We’ve been working with a partner and testing out Office 365 GCC High Back-up. This service is very close and we should be ready for release in early January. Backing up data is a new requirement starting at Level 3 for CMMC so this is a timely release that we’ve had many requests for. Stay tuned and we’ll hopefully have the answer in the new year.
Contact your account team or reach out to us at firstname.lastname@example.org to discuss how these services, as well as Office 365 GCC High cloud environment overall can help you meet your security and compliance needs.