As a business leader, you know the value of having access to the right information at the right time. Whether you need to make strategic decisions, solve problems, or answer customer queries, you want to leverage the knowledge that is stored in your documents and databases. But how can you find the most relevant and accurate answers from the vast amount of unstructured data that you have? One possible solution is to use generative AI, a type of artificial intelligence that can create new content based on existing data. Generative AI can help you transform your unstructured data into a searchab ..read more

As the Defense Industrial Base (DIB) awaits the finalization and rollout of proposed changes to the Cybersecurity Maturity Model Certification (CMMC) program, there are still plenty of ways to begin preparing for CMMC 2.0 now.  Some aspects of the revised model are more streamlined; for instance, CMMC 2.0 will only have three levels of certification, ranging from basic cyber hygiene to advanced practices. However, other proposed changes reflect tighter standards for supply chain cybersecurity. Depending on the type and scope of the contracts they pursue, defense contractors – and even the ..read more

With the publishing of the U.S. Department of Defense memorandum for ‘FedRAMP Moderate Equivalency for Cloud Service Provider’s Cloud Service Offerings’, assessors will be asking defense contractors to provide the body of evidence (BoE) of any cloud service providers not authorized in the FedRAMP Marketplace.      For access to the Microsoft Office 365 GCC High and/or Azure Government BoEs, as per the memo, please contact:  Office 365 GCC High: O365FedRAMP@microsoft.com  Azure Government: AzFedDoc@microsoft.com    The BoE is considered highly sensitive ..read more

We’re looking forward to our next GCCH M365 Webinar on Tuesday, April 30, at 1200 EDT.  It’s the Dave show as we’ll be joined by both Dave Jennings (new Teams) and Dave Nobles (empowering secure and effective collaboration between GCCH and DoD). To receive a calendar invite, please register here.     In addition, please find attached a roll up of April M365 roadmap highlights.  Happy to field any questions with what is included ..read more

Artificial intelligence (AI) is transforming the way businesses operate, innovate, and compete. AI can help enterprises improve efficiency, accuracy, and customer satisfaction, as well as create new products and services. However, AI also comes with challenges and risks, especially when it comes to data. Data is the fuel for AI, and without proper data management, enterprises may face legal, ethical, and operational issues that can undermine their AI initiatives.    Before end users start using AI, enterprises need to ensure that their data is ready for AI. This means that data is ac ..read more

Executive Summary   The U.S. Department of Defense (DoD) Federal Acquisition Regulation supplement (DFARs) 252.204-7012 requires Cloud Service Providers (CSP) to meet a baseline for compliance. CSPs must support DFARs 7012 flow down contract clauses to safeguard Controlled Unclassified Information (CUI) against unauthorized disclosure. CSPs must also provide cloud solutions that are Federal Risk and Authorization Management Program (FedRAMP) Moderate (or High) authorized or cloud solutions that can demonstrate FedRAMP Moderate ‘Equivalency’.   Microsoft 365 Government (GCC High) has ..read more

Microsoft is committed to U.S. Department of Defense (DoD) contractors and the Defense Industrial Base (DIB) by supporting the Defense Federal Acquisition Regulation Supplement (DFARS) requirements for the Microsoft 365 Government (GCC High) cloud service offering.   Microsoft 365 Government cloud offerings for GCC High meet the applicable requirements of the DFARS Clause 252.204-7012 (Safeguarding Unclassified Controlled Technical Information). Specifically, the requirements within the Clause that are applicable to the Cloud Service Provider (CSP) and their commitment to fulfill these re ..read more

  With the recent announcements around Copilot, especially Copilot for Microsoft 365, many agencies are excited to adopt the new capabilities and unlock user productivity and accessibility. However, there is one lingering question that has always and continues to be in the background: “How to balance accessibility, productivity and security in an AI world.” So, as we wrap up Disability Awareness Month, I wanted to help address this challenge to enable the community that has inspired me over the years.    The difficulty of this AI enablement challenge is that to fully answer this ..read more

Release News   Teams   Deprecating the ability to view websites inside the Website tabs in the new Teams   Upgrades to importing a schedule in the Shifts app - GCC   Optimize screen sharing for video – GCC March, GCCH & DoD April   Viva   Viva Topics will be retired as Microsoft focuses our efforts on building new knowledge and content experiences in Microsoft Copilot   SharePoint Online   List owners and collaborators with the permission to edit the list will be able to collect information on their lists with the new Lists forms experience &nb ..read more

  Microsoft Copilot for Security and NIST 800-171: Access Control Microsoft Copilot for Security in Microsoft’s US Gov cloud offerings (Microsoft 365 GCC/GCC High and Azure Government) is currently unavailable and does not have an ETA for availability. Future updates will be published to the public roadmap here.   As of this writing we’ve received the Proposed Rule of the Cybersecurity Maturity Model Certification (CMMC) 2.0, and the public comment period ended on February 26. The National Institute of Standards and Technology (NIST) just released their analysis of public comments o ..read more