Blog Post

Public Sector Blog
1 MIN READ

Understanding Compliance Between Microsoft 365 Commercial, GCC, GCC-High and DoD Offerings

RichardWakeman's avatar
RichardWakeman
Icon for Microsoft rankMicrosoft
Oct 18, 2019
There is an update to this article found at:   https://aka.ms/MSGovCompliance        
Updated Sep 23, 2024
Version 18.0
compliance
defense
federal
office365
public sector
Terry_Hebert's avatar
Terry_Hebert
Brass Contributor
Jun 20, 2020

Hello RichardWakeman and Shawn_Veney.  At an event last year I asked RichardWakeman if there was any difference when declaring an incident in GCC and GCC High.   He stated that the reporting was the same.  I assume that means attestations letters for GCC and GCC High are also the same?  Would you mind providing some background into how Microsoft responds to the (e) of the DFARS 252.204-7012 "preserve and protect images of all known affected information systems?  I am not aware of any large SaaS provider who is able to provide images but wanted to bring it to the forefront for discussion. 

 

Thank you for both again for creating this blog.  I reference it often.

Terry

 

(e)  Media preservation and protection. When a Contractor discovers a cyber incident has occurred, the Contractor shall preserve and protect images of all known affected information systems identified in paragraph (c)(1)(i) of this clause and all relevant monitoring/packet capture data for at least 90 days from the submission of the cyber incident report to allow DoD to request the media or decline interest.