New Apps and Services in Office 365 US Government
Published Jan 29 2018 05:00 AM 20.3K Views
Microsoft

Office 365 US Government.png 

By meeting compliance requirements of the US and State Governments, Office 365 US Government empowers agencies to realize a modern workplace supported by devices and services. Increased collaboration breaks down siloes within and across agencies, and secure mobility allows civil servants to remain productive in the field and away from desks. Cost savings and data center footprint reduction can be re-invested into digitizing citizen services.

 

Microsoft delivers Office 365 secure productivity and communication services like email, document creation apps and storage, intranet sites, and instant messaging/telephony to the US Government from three environments designed to meet the unique data handling regulations for controlled unclassified information. Architected according to NIST controls, FedRAMP requirements, and the DISA Security Requirements Guidelines, these environments store content in the continental United States, are operated by US citizens, and are authorized to hold Federal, criminal justice, Federal tax, and covered defense information.

 

We want to answer a few questions about the Office 365 US Government environments and offerings: What services and applications are included, why is the roadmap different from Enterprise offerings, and what services will be released in the future and when?

 

To answer this question in a meaningful way, we must explain the compliance commitments, audit process, and accreditation requirements. But if you want to skip ahead, the roadmap for Office 365 Government Community Cloud (GCC), Government Community Cloud (GCC) High, and DoD can be found at the end of this post.

  

The Office 365 GCC environment is designed for Federal, State, and Local government and has been available for about five years. With millions of monthly active users, agencies across the country are benefitting from cloud productivity and security services that meet their compliance requirements.

 

The Office 365 GCC High environment is designed for Federal agencies, defense industry, aerospace industry, and other organizations holding Controlled Unclassified Information. Introduced more recently, the GCC High offerings are ideal for national security organizations and companies with International Traffic in Arms Regulations (ITAR) data or Defense Federal Acquisition Regulations Supplement (DFARS) requirements.

 

The Office 365 DoD environment is designed for the US Department of Defense exclusively.

 

Office 365 US Government environments and associated compliance commitmentsOffice 365 US Government environments and associated compliance commitments

 

Every service introduced into the US Government offerings has undergone a third party review to ensure that we meet our compliance commitments to you. We complete audits regularly to make new capabilities available as frequently as possible. Release cycles differ from Enterprise offerings for new services, but once available, the service will align with the commercial user experience.

 

The October audit is complete, and Microsoft has received the 3PAO report, so we can confirm what will be released in the coming weeks. We will be sharing an updated roadmap at the Microsoft Government Tech Summit taking place in Washington DC on March 5-6, so stay tuned and don't hesitate to register to attend! Information will be published online also.

 

 

 

Upcoming Events:

 

Learn More:

 

Engage:

 

Technical:

  

Brian Levenson is the product manager for Microsoft 365 for US Government. Follow him on Twitter (@brian_levenson) and LinkedIn (Brian Levenson) for the latest in government technology and Microsoft 365 news.

14 Comments
Deleted
Not applicable

This is great. Could we get a delivery estimate for PowerApps, Flow, and Forms?

Deleted
Not applicable

@Brian Levenson , there are a fair amount of products/apps/features missing from the listings above - Planner, Flow, PowerApps, Stream, ToDos, Bookings, etc. Does this means that they are not going to be made available, or is this listing just the items already available and those to be released in Q1 2018?

Microsoft

Hi guys - great questions!

 

@Deleted - you're correct that there are a bunch of services and features that are available in Enterprise offerings but not on the list for US Gov. That just indicates that they are not available yet and will not be in Q1 2018. Our north star and principles are to bring the full set of Enterprise capabilities to each of the US Gov environments. It is a matter of when not if, and we will continue providing updates as audits are completed.

 

@Deleted - all three teams are actively engaged and working through compliance requirements and control sets. Next update in March once the audit scope is locked.

Deleted
Not applicable

Thanks Brian, it's great work MS is doing here, and my gov clients are really going to be helped by some of the new features, glad to know there is a commitment to bring them to Gov community.

Copper Contributor

@Brian Levenson

 

Any update? Planner, Teams, Hub Sites etc.

 

Thanks

Jerry

Copper Contributor

@Brian Levenson, where are the O365 GCC road map link that it refers to at the top of this page? 

 

Thanks.

Copper Contributor
Deleted
Not applicable

Looks like we have a roll out date of July 19th for Teams in the . gov tenants!

https://docs.microsoft.com/en-us/microsoftteams/planning-workshop-practical-guide 

Copper Contributor

Can someone provide guidance on the differences between GCC High and DOD? When looking at the roadmap for product Dev and release, is GCC and DOD used interchangeably?  Does anyone have a timeline for release of Teams on DOD? 

Copper Contributor

Robert, I think the biggest difference is in the security levels allowed. I believe UL 5 is for Secret and has stricter compliance requirements for DoD. This is why it's for the agencies only as contractors shouldn't store that level of government data outside government systems most of the time. GCC would be for DoD contractors and any government agency up through CUI.  I'm happy to be corrected if I'm reading it wrong.

Microsoft

Hi Robert, 

 

Thanks for the question on the difference between GCC High and DoD, the difference is that DoD is a DISA L5 environment restricted ONLY to DoD directly reporting to the US Department of Defense.

 

GCC High is L4 DISA and FedRamp High controls that has a controlled environment designed for Federal agencies, defense industry, aerospace industry, and other organizations holding Controlled Unclassified Information.

 

For more information on these definitions please refer to the service descriptions here: 

 

https://technet.microsoft.com/en-us/library/mt774581.aspx

 

@Nicole Berdy thanks for your comment, for clarification defense contractors that require FedRamp High, DFARs, and ITAR controls should be on the GCC High offering, which is what I believe you were referring to.

 

Thanks, 

Dan

 

Copper Contributor

I have been excited about new Office 365 features, only to find out they are not available to government tenets. Is there a government tenet roadmap somewhere?

Copper Contributor

@Brian Levenson I have a quick question regarding selection of commercial, GCC and GCC High O365 cloud. Is it possible to move some user accounts and data to commercial, some to GCC and some to GCC High for a single O365 tenant or we need 3 tenants one for each?

Microsoft

@Brian Thomas our commitment is to provide a secure and complaint boundary with all of the Microsoft 365 services and features coming to our Gov cloud environments. We'll focus on the most popular services first, and make sure that we audit and create the necessary controls needed to meet FedRamp and SOC requirements for controlled data. You can find our current offering list on the below sites:

 

Office 365 US Government Service Description: https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-platform-service-descripti...

 

upcoming offerings on www.microsoft365.com/roadmap

 

@sanyog gulaty the US Government offerings are setup to choose the environment meets that compliance and security requirements for the data that your handling. It would not be a good experience to put a single user on multiple tenants, and the individual services are aligned to one of the three environments (commercial, GCC, or GCC-High) for more information about the compliant boundaries please reference the service description above.

 

 

Co-Authors
Version history
Last update:
‎Feb 10 2023 12:29 PM
Updated by: