What are the biggest obstacles we face in achieving CMMC compliance?

Sarah_Gilbert right now, it's personal devices. The new ability to apply conditional access to apps-covered-by-app-protection-policy enables us to have some leniency with end user devices, which is essential for our ability to collaborate without friction. But..Edge can't. Cloud Policy Service was announced as rolling out last year for GCC-High, but isn't available still. The feature was deleted from the Microsoft 365 Roadmap, so I can't even go look it up to see that it's been delayed or what. It's just gone with no further information. Without the ability to configure Edge via MAM, we still have to require full MDM for personal devices which we don't like and our employees really don't like. Help!