By meeting compliance requirements of the US and State Governments, Office 365 US Government empowers agencies to realize a modern workplace supported by devices and services. Increased collaboration breaks down siloes within and across agencies, and secure mobility allows civil servants to remain productive in the field and away from desks. Cost savings and data center footprint reduction can be re-invested into digitizing citizen services.
Microsoft delivers Office 365 secure productivity and communication services like email, document creation apps and storage, intranet sites, and instant messaging/telephony to the US Government from three environments designed to meet the unique data handling regulations for controlled unclassified information. Architected according to NIST controls, FedRAMP requirements, and the DISA Security Requirements Guidelines, these environments store content in the continental United States, are operated by US citizens, and are authorized to hold Federal, criminal justice, Federal tax, and covered defense information.
We want to answer a few questions about the Office 365 US Government environments and offerings: What services and applications are included, why is the roadmap different from Enterprise offerings, and what services will be released in the future and when?
To answer this question in a meaningful way, we must explain the compliance commitments, audit process, and accreditation requirements. But if you want to skip ahead, the roadmap for Office 365 Government Community Cloud (GCC), Government Community Cloud (GCC) High, and DoD can be found at the end of this post.
The Office 365 GCC environment is designed for Federal, State, and Local government and has been available for about five years. With millions of monthly active users, agencies across the country are benefitting from cloud productivity and security services that meet their compliance requirements.
The Office 365 GCC High environment is designed for Federal agencies, defense industry, aerospace industry, and other organizations holding Controlled Unclassified Information. Introduced more recently, the GCC High offerings are ideal for national security organizations and companies with International Traffic in Arms Regulations (ITAR) data or Defense Federal Acquisition Regulations Supplement (DFARS) requirements.
The Office 365 DoD environment is designed for the US Department of Defense exclusively.
Every service introduced into the US Government offerings has undergone a third party review to ensure that we meet our compliance commitments to you. We complete audits regularly to make new capabilities available as frequently as possible. Release cycles differ from Enterprise offerings for new services, but once available, the service will align with the commercial user experience.
The October audit is complete, and Microsoft has received the 3PAO report, so we can confirm what will be released in the coming weeks. We will be sharing an updated roadmap at the Microsoft Government Tech Summit taking place in Washington DC on March 5-6, so stay tuned and don't hesitate to register to attend! Information will be published online also.
Brian Levenson is the product manager for Microsoft 365 for US Government. Follow him on Twitter (@brian_levenson) and LinkedIn (Brian Levenson) for the latest in government technology and Microsoft 365 news.