Microsoft
Microsoft Moves to Improve Small Contractors’ Access to GCC High Cloud
Microsoft has announced that defense contractors may now submit other forms of evidence to access the Microsoft Government Community Cloud High environment.
Richard Wakeman, senior director of aerospace and defense in the Azure Global Team, said Department of Defense officials believe that cybersecurity maturity is not a checklist or one-time exercise. Katie Arrington, the DOD acquisition office's chief information security officer and Wash100 winner, has said that organizations must constantly adapt to new threats.
“Microsoft holds a similar viewpoint in that we aim to regularly release new tools and capabilities to enable compliance and combat new threats. In addition to these tools, our team also strives to ensure Microsoft sovereign cloud offerings are accessible for DIB small businesses,” Wakeman added.
GCC High was designed to help the Pentagon and defense contractors holding or processing DOD-controlled unclassified information, Microsoft said. Interested organizations must go through a validation process to ensure eligibility for a cloud environment.
Summit 7 Systems CEO Scott Edwards said that some non-traditional contractors and smaller defense companies do not have the past performance or existing contracts required to access GCC High.
To lower the barrier to entry, Microsoft now only requires a Commercial and Government Entity code from the General Services Administration and the companies' Data Universal Number Systems number.
Microsoft said the decision is in line with the DOD's efforts to give more consideration to small businesses through its ongoing Cybersecurity Maturity Model Certification program.
In late 2020, Microsoft launched the CMMC Acceleration Program to make cloud security and compliance less challenging. The program provides relevant scripted tools and documentation in Microsoft 365 and Azure.
Category: Popular Voices