What is a service or tool within Gov clouds (GCC, GCC High, DoD) that you think gets overlooked or misunderstood? If misunderstood, can you explain why?

Question

&nbsp;
What is a service or tool within Gov clouds (GCC, GCC High, DoD) that you think gets overlooked or misunderstood?&nbsp;If misunderstood, can you explain why?

leo_ramirez · Answer

Compliance Manager is a powerful solution that gets overlooked for GCC customers.

jgmac1106 · Answer

I just took the CMMC Workbook for a spin connecting Microsoft Purview Compliance Manager and Sentinel and Defender...it is super powerful.

If you aren't going to use Compliance Manager in a way I think a service used a lot gets misuderstood and that is Teams.

If you can design your Leadership teams for your Gov cloud, create channels for those teams, and provide access to your excel sheet SSP, or RACI models for each practice (depending on framework you must meet) you can push your culture forward.

Plus all those teams are generating tons of evidence that you may end up using to demonstrate you meet some security requirements.

I think Microsoft Purview Data Loss Prevention doesn't get used enough and if you add Endpoint DLP you can do some super powerful stuff

jgmac1106 · Answer

I actually take it back and have a new submission.

PIM and RBAC in Azure AD is a hard learning curve for people who migrate to Government Community Clouds or carve out an enclave while having an out of scope Enterprise.

60+ built in roles is a bug not a feature.

Also why role creation is restricted in GCC and GCC-High Feature not bug.

But Then we invite the humans in.

Organizations have roles that read like support tickets "workloads who need a password reset" or "dot matrix printer clogged"

Creativity is the enemy of security.

Forum Discussion

What is a service or tool within Gov clouds (GCC, GCC High, DoD) that you think gets overlooked ?

Share

Resources