Office 365 Government Community Cloud

Office 365 Government plans are available to qualified government entities only, which include US federal, state, local, tribal, and territorial government entities. Each plan is offered as a monthly subscription and can be licensed to an unlimited number of users.

In addition to the features and capabilities of Office 365, your government organization benefits from the following features, which are unique to Office 365 Government:

• Your organization’s customer content is logically segregated from commercial customer content.

• Your organization’s customer content is stored within the United States.

• Access to your organization’s customer content is restricted to screened Microsoft personnel.

• Office 365 Government complies with certifications and accreditations that are required for US Public Sector customers.

What is “customer data” and “customer content?”

---

This section describes Office 365 Government commitments that apply to customer content and to customer data.

Customer data, as defined in the enrollment agreement for Office 365 services, refers to all data that the customer places in the Office 365 service, including both data created directly by users of the service and user-identifiable information generated through use of the service. Customer content refers to a specific subset of customer data, as defined in the Office 365 Asset Classification standard, and includes any content that has been directly created by users, such as email body text and attachments, content uploaded to SharePoint Online, or IM and voice conversations.

For more information on the Office 365 protection of customer data, see the Microsoft Online Services Trust Center.

When provisioned as part of Office 365 Government, the following services are offered in accordance with the National Institute of Standards and Technology (NIST) Special Publication 800-145:

• Exchange Online

• Exchange Online Archiving

• SharePoint Online

• Lync Online

Microsoft refers to this offer as the Government Community Cloud.

In addition to the logical separation of customer content at the application layer, each of these Office 365 services provides your organization with a secondary layer of physical segregation for customer content by using infrastructure that is separate from the infrastructure used for commercial Office 365 customers, including by using Azure services in Azure’s Government Cloud. To learn more, see Azure Government.

Office 365 Government services are provided from datacenters physically located in the United States. The following customer content is stored at rest in datacenters physically located only in the U.S.A.:

• Exchange Online mailbox content (email bodies, calendar entries, and the content of e-mail attachments)

• SharePoint Online site content and the files stored within that site

• Lync Online archived conversations, uploaded documents, and whiteboarding sessions

Note:
With typical use, Lync Online does not store customer content, but if such storage occurs, it will be in datacenters in the U.S.A.

If your users are located within the U.S.A. while using Office Online (formerly known as Office Web Apps) or if you adopt the use of Active Directory Federation Services (AD FS) 2.0 and set up policies to help ensure your users connect to the services through single sign-on, any customer content that is temporarily cached in Office Online will be located in the U.S.A.

Access to Office 365 Government customer content by Microsoft administrators is restricted to personnel who are US citizens. These personnel undergo background investigations in accordance with relevant government standards.

Office 365 Government supports the Federal Risk and Authorization Management Program (FedRAMP) accreditation at a Moderate Impact level. FedRAMP artifacts are available for review by federal customers who are required to comply with FedRAMP. Federal agencies can review these artifacts in support of their review to grant an Authority to Operate (ATO).

Exchange Online, SharePoint Online, Exchange Online Archiving, Lync Online, and Office Online have features that can support customers’ CJIS requirements for law enforcement agencies.

A number of services available for Office 365 do not involve the storage of customer content within the Office 365 infrastructure. This includes services that temporarily cache data, such as Office Online, as well as services that provide customers with the ability to download and install copies of Office client software, such as Visio. The following services do not involve the persistent storage of customer content:

• Office Online

• Office 365 ProPlus

• Visio Pro

• Project Pro for Office 365

Office 365 provides the ability to integrate third party applications into SharePoint Online sites, Lync Online, Office applications included in Office 365 ProPlus (such as Word, Excel, PowerPoint, and Outlook), and Outlook Web App. In addition, Office 365 supports integration with third party service providers such as BlackBerry and various fax service providers. These third party applications and services might involve storing, transmitting, and processing your organization’s customer data on third party systems that are outside of the Office 365 infrastructure and therefore are not covered by the Office 365 compliance and data protection commitments. It is recommended that you review the privacy and compliance statements provided by the third parties when assessing the appropriate use of these services for your organization.

Office 365 provides several services through integration with Microsoft Azure services. Any features that involve the storage, processing, or transmission of customer content in Azure systems are not currently available to Office 365 Government customers, because the Azure public cloud does not provide the same commitments to data segregation, data location within the US, and restricted data access by administrators as provided under Office 365 Government services themselves. This includes the following Office 365 features:

• Access Online

• Integration with Azure Workflows

• Power BI for Office 365

Some Office 365 features use Azure services in a way that does not involve the storage, processing, or transmission of customer content in the Azure systems. These features, including the following ones, are available for applicable Office 365 Government plans.

• Azure Rights Management Services (RMS)

• Multi-Factor Authentication

Applicable Office 365 Government plans include Yammer. Currently, Yammer provides the logical separation of customer data at the application layer. However, Yammer does not provide the same data location and data access features as Office 365 Government, does not support FedRAMP accreditation, and is subject to different contract terms from Office 365 services. It is recommended that you review the Yammer Service Description and privacy terms when assessing the appropriate use of Yammer for your organization. To learn which Office 365 Government plans include Yammer, see Office 365 Plan Options.

If you decide that the use of Yammer is appropriate for your organization as part of your Office 365 Government subscription and you have purchased a plan that includes Yammer, you can request that Yammer services be enabled for your Office 365 Government subscription.

If you have comments or questions about this topic, we'd love to hear from you. Just send your feedback to Office 365 Service Description Feedback. Your comments will help us provide the most accurate and concise content.