Forum Widgets
Latest Discussions
Azure Gov AIP Unified label client support for MacOS
Hello, I'm currently setting up AIP for our tenant and it doesn't appear that the Unifield Labling client for MacOS is available. Does that mean Office Apps for Mac can't label their documents until this is available? Would they have to use the web versions? Thanks, MikeSolvedBerlinerViceAug 25, 2020Copper Contributor2KViews0likes1CommentBitlocker Encryption Compliance
Could you detail the settings that are required for Bitlocker full-disk encryption to be compliant with CMMC (FIPS-validated encryption)? I've seen a "FIPS-mode" setting, but heard there was more than one step to being compliant. What Operating Systems is this available on? Win7, Win10, Server 2008, Server 2012, Server 2016? Thanks!SolvedAnon414Aug 25, 2020Copper Contributor4.4KViews0likes2CommentsSecurely Transferring Data from Company O365/M365 to Customers/Partners
What options are available to securely transfer data/documents from company-managed Office 365 (commercial, GCC, or GCC High) environments and customer/partner ones? I realize the data could always stay in one environment to avoid this problem, but what Microsoft options exist to 'deliver' CUI to customers securely?SolvedMichaelKingAug 25, 2020Brass Contributor4KViews0likes3Comments
Re: Welcome to the Microsoft CMMC AMA!
Sarah_Gilbert Hi there, I was wondering if MS believes customers that require CMMC level 3 would be able to leverage M365 services such as EMS to become compliant or if moving to GCC high is a must?SolvedGOsorioAug 25, 2020Copper Contributor1.1KViews1like1Comment
CMMC - does it require MFA at network login?
"NIST 800-171 3.5.3 Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts" Some debate inside my company about whether MFA is required at network login vs MFA being required only when accessing CUI systems (not all systems on our network have CUI). So, can we place MFA at entry to CUI system and not MFA all employees at time of network login? And does CMMC require anything different that NIST 800-171 3.5.2?SolvedbkaufmanAug 25, 2020Copper Contributor6.2KViews1like4Comments
GCC high
Microsoft is limiting GCC high to companies with current gov contracts requiring protecting regulated data, but DOD is putting CMMC requirements in RFIs now. IS MS legal going to open GCC high to companies bidding on DoD contracts?SolvedLandry_secureAug 25, 2020Copper Contributor1.2KViews0likes1CommentWin10 Laptop MFA?
Does Microsoft have any short-term plans to support Windows 10 laptop MFA through a smartphone app instead of relying on biometrics/smart cards through Windows Hello, to support CMMC compliance? Or should we look to other vendors, such as Cisco's Duo offering?SolvedMichaelKingAug 25, 2020Brass Contributor1.1KViews2likes1CommentRequirements/Need for GCC High
I have gone back and forth with Microsoft Support about the need for GCC High. Below is the last interaction I had with them regarding the need for it. They had someone call me to explain it and I explained my understanding with no response, so I assume it's correct. As I understand it and as the CMMC currently stands, knowing it is not fully finalized, we will only need GCC licenses and a sub-tenant if we are awarded a contract that has ML-4 or ML-5 requirements. However, we need to configure our primary tenant to the required ML and be certified at the level prior to bidding to show we have the capability to properly store, manage, and protect the data. If we are awarded we then apply for the GCC tenant and will be required to pay a Microsoft Business Partner setup the GCC sub-tenant and configure the tenant to ML-4 or ML-5, even though we have demonstrated we know how to configure it, because that is a DoD requirement. Please let me know if there are any errors in the process I have just outlined. I understand these requirements may change as the finalized CMMC version is published. Can anyone verify this? My company is working toward ML-3, and I'm still confused as to whether we should be in a GCC High tenant. I saw those licenses available for purchase on the CMMC Marketplace site, making it appear like any DIB company could go that route.SolvedDKernus02Aug 25, 2020Brass Contributor2.5KViews3likes3Comments
Resources
Tags
- Government12 Topics
- office 3655 Topics
- compliance4 Topics
- security2 Topics
- Permissions2 Topics
- sharepoint2 Topics
- planner1 Topic
- admin1 Topic
- onedrive1 Topic
- exchange1 Topic
