Office 365 for Government is a comprehensive cloud platform developed specifically for U.S. Federal, State, and Local governments to comply with the U.S. government’s security regulations. The solution satisfies the standards of many government agencies, including FedRAMP, HIPAA, CJIS, and others. Furthermore, the office GCC High and DoD have additional compliance adherence with Department of Defense Security requirements, DFARS, and ITAR.
The uniqueness of the solution lies within its features, whereas:
- Customer content is separated from all content in MS’ commercial Office 365 services;
- Any content related to a customer is stored within the U.S.;
- Customer content is restricted to screened MS personnel;
- Office 365 Government satisfies accreditation needed for the US Public Sector customers.
Depending on the type of your specific needs, Microsoft has a wide range of cloud environments, which are:
- GCC, or Government Community Cloud, to work with local, civilian, and federal government agencies;
- GCC High for classified usage by authorized users;
- DoD cloud for intelligence agencies.
Azure Government
Azure Government is a mission-critical cloud to be used by US government customers and their partners. The instance is dedicated to US federal, state, local, and tribal governments as well as their partners which have business-related processes.
Azure Government services handle data that is subject to various government regulations and requirements, such as FedRAMP, DoD, IL4 and IL5, and more. Moreover, it uses physically isolated data centers and networks located in the US only to further improve security and reliability.
Identities
There are two types of Azure identities:
- Azure AD Public – Common scenario if an organization uses an Azure AD public tenant in order to support GCC or an Azure subscription;
- Azure AD Government – is used if an organization has an Azure AD Government tenant to support Office 365 (GCC High or DoD) or an Azure Government subscription.
Once you have decided which one to pick, the next point will be your app registration. Should you choose Azure AD Public identities, you want to register the app in your Azure AD Public tenant. Otherwise, should you perform the registration in the directory the subscription trusts, in this case, the intended set of users cannot authenticate.
Deployment Specifics for Cloud Hosted Environments
The cloud-hosted environment is a concept that refers to development tier one environments, which is deployed on your subscription, granting you full control over the access, configuration, and infrastructure itself.
In GCC, cloud-hosted environments (CHE) require an Azure Government subscription (tenant/ADD) and cannot be deployed on a commercial Azure subscription. MS team wanted to ensure the compliance and security of your infrastructure and data by residing it only in government data centers.
Hence, you will have a tenant with your Dynamics 365 GCC licenses, whereas all users will require an additional Azure government tenant where you can create an Azure government subscription to be able to deploy your cloud-hosted environments. This process is automatically configured via LCS.
The rest of the steps are pretty much the same as for commercial deployment, with one difference – customers must complete the ARM onboarding process for GCC. Simply follow this link to check the documentation on the deployment.
Limitations?
The first limitation here would be that Finance and Operations apps are not available in GCC High and/or DOD. Unfortunately, there is no yet visibility on the availability of these services to comply with the requirements for GCC High and DOD. The self-service deployment model for Finance and Operations is the only one being supported in GCC.
Also, here is the list of unsupported add-ins or tools yet:
- Microservices platform;
- App add-ins, like planning optimization, inventory visibility, and so on;
- Power Platform integration setup from LCS;
- Dual Write setup in LCS can only be configured manually;
- Azure Data Lake export;
- LCS code upgrade;
- And more.