Understanding Compliance Between Commercial, Government, DoD & Secret Offerings - July 2025 Update
Understanding compliance between Commercial, Government, DoD & Secret Offerings: There remains much confusion as to what service supports what standards best. If you have CMMC, DFARS, ITAR, FedRAMP, CJIS, IRS and other regulatory requirements and you are trying to understand what service is the best fit for your organization then you should read this article.Microsoft Reference Identity Architectures for the US Defense Industrial Base
The white paper “Microsoft Reference Identity Architectures for the US Defense Industrial Base” is the result of deep collaboration among the National Defense ISAC "MSCloud" Working Group. It provides the group’s consensus on common challenges coupled with guidance on potential ways to overcome those challenges.Microsoft Collaboration Framework for the US Defense Industrial Base
This article focuses on the candidate reference architectures for identity to accommodate Multi-Tenant Organizations (MTO), and specifically those that have a deployment in the US Sovereign Cloud with Microsoft 365 US Government (GCC High) and Azure Government. It also addresses external collaboration in highly regulated environments, inclusive of organizations that are homed in either Commercial or in the US Sovereign Cloud.Support for DFARS in Microsoft 365 Government (GCC High)
Microsoft 365 Government (GCC High) meet the applicable requirements of the DFARS Clause 252.204-7012 (Safeguarding Unclassified Controlled Technical Information). Specifically, the requirements within the Clause that are applicable to the Cloud Service Provider (CSP) and their commitment to fulfill these requirements.Microsoft Product Placemat for CMMC - October 2024 Update
This Microsoft Tech Community Public Sector Blog post is an update of the Microsoft Product Placemat for CMMC assisting the Defense Industrial Base (DIB) for compliance with the Cybersecurity Maturity Model Certification (CMMC) from the U.S. Department of Defense (DOD).Preparing for CMMC 2.0: Build New or Fix Old?
When preparing for CMMC compliance, defense contractors often evaluate two options: build a new environment or try to fix their current one. Both options have pros and cons, and the decision will depend on several factors, such as the current state of the environment, the budget, the timeline, and the desired level of CMMC certification.Microsoft Modern Work, Security, and Surface Evangelist to Speak at Upcoming Cloud Security Event
The Cloud Security and Compliance Series (CS2) is the go-to event for DoD contractors leveraging the Microsoft Cloud who are looking to prepare for CMMC / DFARS compliance; specifically, CS2 sessions will equip those in the Microsoft Gov Cloud with knowledge for CMMC assessment preparations because of the recent submission of the CMMC ruling.Virtual Conference Focused on CMMC and Microsoft's US Sovereign Cloud
Thursday, February 04, 2021, 08:30 AM – 03:00 PM (CST) This third installment of the Cloud Security and Compliance Series (CS2) Virtual series is curated for DoD contractors looking to meet cybersecurity regulations, address security threats, and glean best practices for their Microsoft cloud investments. Many previous speakers include Richard Wakeman (Microsoft), Katie Arrington (OUSD), and several CMMC AB board members. Next month CS2 will host Rima Reyes, Dave Jennings and Morne Pretorius of the Teams GCC / GCC High / DoD product group as well as Matt Soseman, Microsoft Sr Architect focused on Microsoft Defender and applications for CMMC. See below for the full set of speakers. Join us for this ongoing informational series to cover best practices for CMMC, DFARS 7012 and the DFARS Interim Rule, NIST 800-171 compliance, CUI and ITAR data management, Audit Preparations, Cloud Management and other security topics.A CISO's Guide to Securing AI - Securing AI for Federal, DIB, and DoW Entities
Artificial Intelligence (AI) is rapidly reshaping federal missions, defense operations, and critical infrastructure. From intelligence analysis to logistics and cyber defense, AI’s transformative power is undeniable. Yet, with great power comes great responsibility and risk.
