Government AMA | Microsoft Community Hub

Connect with experts and redefine what’s possible at work – join us at the Microsoft 365 Community Conference May 6-8. Learn more >

Forum Widgets

Latest Discussions

International Women's Day
Just wanted to give a special shout out to all the women in technology! Today, we commemorate you and your contributions to tech innovation. The other three hundred sixty four days, we still appreciate you.
Brian Levenson
Microsoft
Mar 08, 2017
885Views
8likes
1Comment
CMMC Acceleration Program
Can you update us on the timing and content of Microsoft's CMMC Acceleration Program? Based on the March blog by @RichardWakeman, it appears this would be very useful to us as we work toward Level-3 compliance. We can't, however, indefinitely pause our project as we wait for more information. Can't MS incrementally provide some guidance and support as we wait for the CMMC Accreditation Body to dot i's and cross t's?
Solved
KenStewart
Brass Contributor
Aug 25, 2020
2.1KViews
8likes
2Comments
CMMC Compliance without GCC High
Hello MS team, As a government contractor we regularly access CUI and are required to be CMMC level 3 compliant. Currently we run Office 365 on our systems and do not intend on upgrading to GCC High. What configurations, settings or group policies should a contractor put into place in order the be level 3 compliant w/out GCC High. I am looking for guidance in AU, CM, MP, SC & SI domains. Thank you in advance
pvalad530
Copper Contributor
Aug 25, 2020
5.2KViews
7likes
1Comment
MSPs and MSSPs
Hi MS Team, I, like many others, have many customers in GCC High / Azure Government. But I am not myself in GCC High. This creates significant challenge as an MSP/MSSP. And the majority of DIB being small businesses that use MSPs/MSSPs.. this creates a lot of challenge for all involved. The easiest way to solve this challenge seems to be for me to get a GCC High tenant; but requirements are currently stringent and limit MSPs from getting tenants. This ends up forcing bad security, such as creating shared accounts on customer tenants for MSPs to login to (or makes them manage dozens of separate accounts for each employee at each client). Further, there is a lack of competition in the GCC High vendor space; 9 approved vendors for GCC High. This forces MSPs/MSSPs like myself, who have been using GCC High for years and have more daily experience in it than these vendors, to send business to these companies or at least create an opportunity for these businesses to try and take our clients (which some of them do try to do). The whole situation is difficult for MSPs/MSSPs, and that's an issue when you consider how most DIB companies use MSPs/MSSPs/. I guess my question is.. are you all tracking this? Is it a concern you share, and are you addressing it at all?
Solved
andrewgsauer
Brass Contributor
Aug 25, 2020
1.7KViews
6likes
3Comments
Specific clauses in CMMC Level 3 that require GCC High
Sarah_Gilbert Are there any specific clauses in CMMC Level 3 that require GCC High? Is compliance manager on the roadmap? (a CMMC template in Commercial, or availability of the tool in GCC High?) I am sending a surrogate to tomorrow's call, as I am unavailable. Will the call be recorded?
Solved
Sean Spicer
Copper Contributor
Aug 24, 2020
4.8KViews
6likes
4Comments
That's a wrap: Microsoft Teams Government AMA
Thank you for joining us and voicing your questions and feedback during this fun and action-packed hour. Please note that you won't be able to ask new questions in this space until our next live event. We will be disabling posting and further comments in this AMA space but encourage you to post any new questions or follow up in our Public Sector, Local/State Government Space. We will put together a summary document of what was covered during and share it in this group. See you next time!
Sarah_Gilbert
Community Manager
Mar 19, 2020
1.3KViews
6likes
0Comments
Add CMMC to Compliance Manager?
Will Microsoft add CMMC to the , to help companies assess Azure, Intune, and/or Office 365 against CMMC?
MichaelKing
Brass Contributor
Aug 25, 2020
2.4KViews
5likes
5Comments
Welcome to the Microsoft CMMC AMA!
Our panel of experts are now standing by live to answer your questions about achieving CMMC compliance with your Microsoft Azure and Microsoft 365 subscriptions! To submit a question, click "Start a new conversation" in the Government AMA space--and do this for each new question. This will enable us to easily identify and answer your questions. If you want to keep an eye on the questions being asked by your peers, simply stay on the Government AMA page. The page will automatically refresh. Ask us your tough questions, your detailed questions, your simple questions. After the event, we will make a summary of this AMA and post it to the group. Let's get started! Please introduce yourself as a reply below! We will do the same.
Sarah_Gilbert
Community Manager
Aug 25, 2020
compliance
Government
7.4KViews
5likes
29Comments
Extending the Shared Responsibility Model into CMMC
A quick review of Compliance Manager (or the Office 365 MT FedRAMP system security plan) shows that Microsoft has documented the areas where customer orgs need to implement their own controls (policies, procedures, tenant configurations) in order to fully satisfy a FedRAMP control requirement. I know that CMMC is different. We aren't focusing on just the cloud system, but rather the entire organization, its people, information, technology and facilities. That distinction aside: how much do we think Microsoft's security capabilities can be "inherited" by subscriber organizations for use in a CMMC assessment? How much still needs to be documented, performed, and managed by the organization itself? More than FedRAMP? Less? 42?
rybo3000
Brass Contributor
Aug 25, 2020
613Views
5likes
0Comments
That's a wrap: Microsoft CMMC AMA
Thank you for joining us and voicing your questions and feedback during this fun and action-packed hour. *Please note that you won't be able to ask new questions in this space until our next live event. We will be disabling posting and further comments in this AMA space but encourage you to post any new questions or follow up in our Public Sector, Local/State Government Space. We will put together a summary document of what was covered during and share it in this group as well as a follow up blog post. See you next time!
Sarah_Gilbert
Community Manager
Aug 25, 2020
compliance
Government
2.4KViews
4likes
1Comment

Resources

Tags

Government12 Topics
office 3655 Topics
compliance4 Topics
sharepoint2 Topics
security2 Topics
Permissions2 Topics
planner1 Topic
admin1 Topic
onedrive1 Topic
exchange1 Topic

Share