GCC High and DoD

Office 365

Topic Last Modified: 2018-05-23

To meet the unique and evolving requirements of the United States Department of Defense, as well as contractors holding or processing DoD controlled unclassified information (CUI) or subject to International Traffic in Arms Regulations (ITAR), Microsoft offers GCC High and DoD environments. These environments are available through Volume Licensing. Interested organizations go through a validation process to ensure eligibility before an environment is established. Trials are not available at this time.

Please engage your account team or preferred partner to learn more or initiate the validation process.

The Office 365 US Government Service Description is designed to serve as an overlay to the general Office 365 Service Description. It defines the unique commitments and differences compared to Office 365 Enterprise offerings.

GCC High and DoD meet the compliance requirements for the following certifications and accreditations:

  • The Federal Risk and Authorization Management Program at a Moderate baseline (FedRAMP Moderate), including those security controls and control enhancements as outlined in the National Institute of Standards and Technology (NIST) Special Publication 800-53.

  • The security controls and control enhancements for United States Department of Defense Cloud Computing Security Requirements Guide (SRG) for information up to Impact Level 5 (L5).

Department of Defense subscribers to Office 365 will receive services provided from the DoD-exclusive environment that meets DoD SRG L5. Non-Department of Defense subscribers will receive services from the US Government Defense environment, which is assessed at L5 but uses L4 segmentation.

Office 365 staff do not have standing access to GCC High and DoD production. Any staff who request a temporary permission elevation that would grant access to customer content must first have passed the following background checks.


Microsoft Personnel Screening and Background Checks


  • U.S. Citizenship – Verification of U.S. citizenship

  • Employment History Check – Verification of seven (7) year employment history

  • Education Verification – Verification of highest degree attained

  • Social Security Number (SSN) Search – Verification that the provided SSN is valid

  • Criminal History Check – A seven (7) year criminal record check for felony and misdemeanor offenses at the state, county, and local level and at the federal level

  • Office of Foreign Assets Control List (OFAC) – Validation against the Department of Treasury list of groups with whom U.S. persons are not allowed to engage in trade or financial transactions

  • Bureau of Industry and Security List (BIS) – Validation against the Department of Commerce list of individuals and entities barred from engaging in export activities

  • Office of Defense Trade Controls Debarred Persons List (DDTC) – Validation against the Department of State list of individuals and entities barred from engaging in export activities related to the defense industry

  • Fingerprinting Check – Fingerprint background check against FBI databases

  • Department of Defense IT-2 – Staff requesting elevated permissions to customer data or privileged administrative access to Dept of Defense SRG L5 service capacities must pass Department of Defense IT-2 adjudication based on a successful OPM Tier 3 investigation

Office 365 subscriptions in the GCC High and DoD environments include the core Exchange Online, SharePoint Online, and Skype for Business features. Given the increased certification and accreditation of the infrastructure, there are some feature differences between the general commercial Office 365 offerings and those available in GCC High and DoD.

Exchange Online Unified Messaging Support for On-Premises IP-PBX – Integrating on-premises IP-PBX systems with Exchange Online Unified Messaging is not supported in GCC High and DoD subscriptions.

Document sharing – SharePoint Online and OneDrive for Business enable seamless information sharing and collaboration between users and teams. Document owners can provide other users with access to their documents through the web interface or modern attachments in Outlook. When sharing a document, there are multiple options for managing permissions:

  1. Only me

  2. Anyone within my company

  3. Anyone with this link

  4. Specific people

Customers using SharePoint Online and OneDrive for Business in the GCC High or DoD environments can keep documents private (first option), share with anyone in their organization (second option), share with anyone who has the link to the document (third option), and share with specific people within the GCC High and DoD environments (fourth option). These options can also be restricted based on tenant-level access controls.

External Application Access – Connections to external applications such as data sources for Add-Ins are limited to sources that are located within the system security boundaries supported by GCC High and DoD.

Business Connectivity Services – BCS functionality is supported for connectivity scenarios where the data sources remain reachable within the security boundary for your cloud service.

Sandbox Solutions – This feature has been deprecated and is not available. Any sandboxed solutions should be migrated to the SharePoint Add-In extensibility model.

PSTN Calling & PSTN Conferencing – Due to the requirement to use the Public Switched Telephone Network (PSTN) for telephony-oriented services, PSTN Calling & PSTN Conferencing services are currently not available in GCC High and DoD.

Multi-factor authentication using a federated identity model enables the use of PIV and CAC cards.

Yammer is not available in the GCC High and DoD environments.