Microsoft Federal Successfully Completes Voluntary CMMC Assessment
Microsoft is furthering its commitment to U.S. Department of Defense (DoD) and the Defense Industrial Base (DIB) by announcing its successful completion of a DCMA (Defense Contract Management Agency) Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) Joint Surveillance Voluntary Assessment Program (JSVAP)The basics of CMMC 2.0 and preparation recommendations
CMMC is intended to standardize and raise the bar for cyber security in the Defense Industrial Base (DIB) using CMMC third-party assessment organizations (C3PAOs) and self-assessments to enforce security requirements. While more rules and refinement for CMMC 2.0 are to come, companies are preparing now and using CMMC 2.0 as a mechanism to help improve security. For companies that are pursuing CMMC, we see a variety of practices emerging to support a successful upcoming certification.Understanding Compliance Between Commercial, Government, DoD & Secret Offerings - Feb 2025 Update
Understanding compliance between Commercial, Government, DoD & Secret Offerings: There remains much confusion as to what service supports what standards best. If you have CMMC, DFARS, ITAR, FedRAMP, CJIS, IRS and other regulatory requirements and you are trying to understand what service is the best fit for your organization then you should read this article.Microsoft US Sovereign Cloud Myth Busters - CUI Effectively Requires Data Sovereignty
We will focus on the myth that Controlled Unclassified Information (CUI) does not require data sovereignty. This article is written through the lens of requirements to protect CUI in the context of the U.S. Department of Defense for national security, such as in alignment with the Defense Industrial Base (DIB) and the Cybersecurity Maturity Model Certification (CMMC).The Microsoft 365 Government (GCC High) Conundrum - DIB Data Enclave vs Going All In
The DIB (Defense Industrial Base) are embracing M365 GCC High to achieve compliance with U.S. defense regulations. However, not all deployment approaches are equal. Many opt for a 'ITAR Compliant Data Enclave', while others may come to the conclusion they must go all into GCC High.Azure Sentinel Cybersecurity Maturity Model Certification (CMMC) Workbook
The Azure Sentinel CMMC Workbook provides a mechanism for viewing log queries aligned to CMMC controls across the Azure cloud including Microsoft security offerings, Office 365, Teams, Intune, Windows Virtual Desktop and many more. This workbook enables Security Architects, Engineers, SecOps Analysts, Managers, and IT Pros to gain situational awareness for the security posture of cloud workloads. There are also recommendations for selecting, designing, deploying, and configuring Microsoft offerings for alignment with respective CMMC requirements and practices. The workbook features 250+ control cards aligned to the 17 CMMC control families across all 5 maturity levels with selectable GUI buttons for navigation.
