Microsoft 365 Government Community Cloud (GCC) High and Azure Government continues to evolve as more and more defense contractors move to this specialized version of the service. C3 continues to monitor new service offerings, product features and more to provide you the most current information as possible. Below are a handful of recent announcements and what they mean for your organization.
Microsoft recently announced that it has updated their service descriptions for Microsoft 365 GCC High. Microsoft 365 for US Government Product Marketing and Product Engineering teams have created top level O365 guidance along with specific product documentation for Compliance, Enterprise Mobility and Security, Microsoft Defender, SharePoint, OneDrive, Teams, Power Platform, Dynamics and even Outlook mobile clients.
Our C3 Team highly recommends taking a look at Service Descriptions; one of the more valuable items called out is the feature parity between the Commercial and Government Community to help manage deployment planning and user expectations. Another valuable resource we leverage at C3 is the M365 Roadmap. This handy tool (shown below) allows you to view updates for all products, across all stages of development including launched, rolling out and in development. Simply select GCC High for the Cloud to see updates that are associated with your GCC High environment. When we attended Microsoft Ignite in February, our contacts told us that their goal was to accelerate updates from Microsoft Commercial to GCC High; this tool helps to show that acceleration is taking place.
We have seen a lot of changes the past couple of months when it comes to Azure Government, which is the backbone of the GCC High tenant. We covered the many feature updates across Azure Sentinel, Azure AD Domain Services and DDoS Protection in our blog on Azure Government Updates. Microsoft has also recently announced how clients can leverage Azure Government to help with their CMMC needs.
These updates include the redesign of the Azure Government portal to look more like the commercial tenants, as well as introducing the ability to code directly with Cloud Shell.
All of these changes emphasize how important Azure Government is to Microsoft’s commitment to providing a secure and compliant environment. Keep in mind that all these features require an Azure Government subscription.
Azure Identity Protection provides the ability to monitor identity-based user risks via the automation and the use of the Conditional Access Policies. Alex Weinhert, who leads Microsoft’s Identity Security and Protection team provides an extremely helpful explanation about why automation is the key to dealing with these events.
Azure Identity Protection focuses on the following three areas:
Azure Identity Protection allows managers to control the use of administrator actions with auditable elevations of permission. This is accomplished by requiring an administrator to complete a process to elevate permissions either on a schedule basis or via a just in time method. All elevations are recorded and maintained for compliance needs. Azure Identity Protection also provides repeat audit events which can satisfy maintenance and audit requirements required under CMMC level 3. For each of the events, one can configure multiple options, default actions, and have the results automatically stored in an audit ready report.
Azure Government will only increase its power as Microsoft continues to prioritize improvements to it and the GCC High environment which means better security for your organization. Microsoft has always been a leader in corporate and enterprise software, and is now a leader in the security space as well. With their cloud focused approach the Microsoft 365 environment is rapidly expanding to meet the specialized needs for government contractors.
How and where we work will undoubtedly continue to shift, and we expect the improvements to GCC High to only increase as Microsoft keeps pace with the changing environment. As a Microsoft Gold partner, C3 has both the insight and experience to help you understand these new features and help leverage them for your environment. We’re here to help you sort through it all; please contact us at firstname.lastname@example.org to learn more.
Bill Wootton is the Founder and President of C3 Integrated Solutions, a full-service IT provider based in Arlington, VA that specializes in securing our nation’s Defense Industrial Base through cloud-based solutions and industry leading partners. Bill is passionate about bringing cyber-awareness, and cyber-maturity to the nation’s Defense Industrial Base, working with clients to help them achieve CMMC and NIST 800-171 compliance by providing MSP, security and Office 365 integration services.