If you have DFARS, ITAR, FedRAMP, CJIS, IRS and other regulatory requirements, and are trying to understand what Microsoft 365 service fits your company, this article is for you.
This article is the second of a series in the Microsoft Tech Community Public Sector Blog and touches on several key principles for compliance, including data residency versus data sovereignty. For the first article in the series, please refer to History of Microsoft Cloud Service Offerings leading to the US Sovereign Cloud for Government.
We will focus on each of the US-based cloud offerings from Microsoft and compare the differences in compliance.
- Understanding Compliance Between Microsoft 365 Commercial, GCC, GCC-High and DoD Offerings
https://techcommunity.microsoft.com/t5/Public-Sector-Blog/Understanding-Compliance-Between-Microsoft-365-Commercial-GCC/ba-p/718445