Event banner
Event details
How does Microsoft plan to leverage CMMC for GCCH with customers who are in both GCCH and Commercial. Without cross-sovereign awareness for cloud tenancies, managing multiple tenants becomes cumbersome and overhead costly. While you can attain tenant-specific maturity levels; how does a multi-sovereign-cloud organization do this efficiently and cost-effectively? Example: Using the same tools in both tenants to manage document protection. Today, tenants cannot 'share' protection policies or labels. What is Microsoft's approach to allowing organizations that *have to* span different sovereign clouds a more unified administration and protection model?
Bergin2
Microsoft
MicrosoftMarcos, great question we are approaching that problem of CMMC as a common 3rd Party Validated standard that allows us to engage with partners at a common security posture. When we talk about bridging the commercial, or even another GCCH tenant, we have to recognize that not just MIP is an issue but citizenship access restrictions, geographic constraints, or other unique contractual terms. Establishing a DMZ offers one way to address project specific work items. It isn't perfect but it works today and we, like you, have active contracts we need to keep supporting.