Understanding Compliance Between Microsoft 365 Commercial, GCC, GCC-High and DoD Offerings

This is exactly what my organization was looking for and clears up a lot of the confusion between the different environments. Our organization initially set up O365 in GCC with an EA purchased through Microsoft when it was a new thing, and at the time it satisfied some of our security requirements, but the feature parity was not quite there yet. We opted to move back to Commercial due to this and have been using it for a few years. Now that CMMC requirements are being developed, we have to meet DISA IL4 standards to store and process CUI. This obviously cannot be done in O365 Commercial and we figured that since GCC has matured a little, we would begin the planning for a migration between Commercial and GCC. When I called Microsoft support for GCC to verify whether this tenant satisfied the IL4 requirements, me and my managers and coworkers were extremely confused to hear that our previously purchased EA with Microsoft in GCC was really a Commercial tenant, but this blog post clears up a lot of questions we had about what we were initially sold from Microsoft. This isn't explicitly detailed in writing on any of the documentation that is publicly available from Microsoft and I am so grateful to have come across this post. Again, thanks so much for the write-up on this and it gives us an easier way to move forward when we talk to our Indirect CSP.