Understanding Compliance Between Microsoft 365 Commercial, GCC, GCC-High and DoD Offerings
Understanding compliance between Commercial, GCC, GCC High and DoD offerings: There remains much confusion as to what service supports what standards best. If you have DFARS, ITAR, FedRAMP, CJIS, IRS and other regulatory requirements and you are trying to understand what service is the best fit for your organization then you should read this article.Understanding Compliance Between Commercial, Government and DoD Offerings - February 2021 Update
Understanding compliance between Commercial, Government and DoD offerings: There remains much confusion as to what service supports what standards best. If you have DFARS, ITAR, FedRAMP, CJIS, IRS and other regulatory requirements and you are trying to understand what service is the best fit for your organization then you should read this article.History of Microsoft Cloud Service Offerings leading to the US Sovereign Cloud for Government
Microsoft has evolved our cloud service offerings to include the US Sovereign Cloud with Azure Government, Microsoft 365 GCC High and DoD. This article puts the history in perspective of how we ended up with multiple clouds, as opposed to one instance with many data enclaves.Microsoft Security Copilot and NIST 800-171
Microsoft Security Copilot can help commercial businesses in the Defense Industrial Base (DIB) meet the security requirements of NIST 800-171r3 and prepare for CMMC 2.0. Features and benefits of Security Copilot, such as automated threat detection, real-time alerts, advanced analytics, attack path analysis, and natural language explanations can improve the productivity and accuracy of security analysts. Explore how companies in the DIB may use these AI-powered capabilities to meet NIST 800-171r3 security requirements, detect and respond to threats more efficiently, and ultimately defend against threats with finite or limited resources.Microsoft US Sovereign Cloud Myth Busters - CUI Effectively Requires Data Sovereignty
We will focus on the myth that Controlled Unclassified Information (CUI) does not require data sovereignty. This article is written through the lens of requirements to protect CUI in the context of the U.S. Department of Defense for national security, such as in alignment with the Defense Industrial Base (DIB) and the Cybersecurity Maturity Model Certification (CMMC).Announcing the Azure Sentinel: Zero Trust (TIC3.0) Workbook
The Azure Sentinel: Zero Trust (TIC3.0) Workbook provides an automated visualization of Zero Trust principles cross walked to the Trusted Internet Connections framework. Compliance isn’t just an annual requirement, and organizations must monitor configurations over time like a muscle. This workbook leverages the full breadth of Microsoft security offerings across Azure, Office 365, Teams, Intune, Windows Virtual Desktop, and many more. This workbook enables Implementers, SecOps Analysts, Assessors, Security & Compliance Decision Makers, and MSSPs to gain situational awareness for cloud workloads' security posture. The workbook features 76+ control cards aligned to the TIC 3.0 security capabilities with selectable GUI buttons for navigation. This workbook is designed to augment staffing through automation, artificial intelligence, machine learning, query/alerting generation, visualizations, tailored recommendations, and respective documentation references.
