Blog Post

Public Sector Blog
12 MIN READ

History of Microsoft Cloud Service Offerings leading to the US Sovereign Cloud for Government

RichardWakeman's avatar
RichardWakeman
Icon for Microsoft rankMicrosoft
Sep 09, 2019
There is an update to this article found at:   https://aka.ms/AA632wo    This article has been replaced by the update and will be removed shortly.     This article is the first of a ser...
Updated Feb 23, 2021
Version 11.0
compliance
defense
federal
office365
public sector
RichardWakeman's avatar
RichardWakeman
Icon for Microsoft rankMicrosoft
Jun 08, 2020

Kevin St Clair In the shared responsibility model for compliance, it is ultimately customer responsibility to manage access control for whom they allow into their tenant.  Once a tenant owner takes possession of their tenant, they may provide access to anyone, to include supporting partners and foreign nationals.  That said, if they do allow foreign nationals in and at the same time they possess CUI in the tenant, it is also customer responsibility to lock down the CUI so that only authorized users have access, such as those with export control licenses.  In short, yes a tenant owner may allow the use of a partner with personnel outside of the US to perform management, but they will also need to safeguard their CUI from access by that personnel.  As you can imagine, Microsoft does not police nor limit customer access provided by tenant owners.