cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Intune in GCC and GCC High Overview + CMMC Applications
By
Shawn Hays
Published Mar 30 2021 08:00 AM 12.4K Views
Shawn Hays
Iron Contributor
‎Mar 30 2021 08:00 AM

Microsoft Intune in GCC and GCC High Overview + CMMC Applications

‎Mar 30 2021 08:00 AM

What is Microsoft Intune for GCC and GCC High?

Microsoft Intune is now part of Microsoft Endpoint Manager, a suite that includes Intune and Configuration Manager. Microsoft Intune for Microsoft 365 GCC and GCC High is available as a standalone license or part of the Microsoft 365 EM+S E3 and E5 licenses.

 

Microsoft Endpoint Manager.png

 

Both products within Microsoft Endpoint Manager integrate with Azure Active Directory in Azure Government to give visibility and configuration management for mobile device access, while providing robust native control to IT leaders within small to large defense contractor organizations.

 

Does Microsoft Intune in GCC High Help Meet CMMC Level 3 Compliance?

Organizations can meet CMMC compliance for specific practices across several different domains using Microsoft Intune in GCC or GCC High in combination with configuration settings and policies in Azure Government and Microsoft Defender for Endpoint.

 

CMMC Level 3 has 130 practices that an organization will be assessed on. Organizations can meet 31 of these practices using Microsoft Intune in conjunction with other Microsoft products. While each domain and practice won’t be covered here, one of the key areas addressed in CMMC is the Access Control (AC) Domain.

 

For example, Intune allows you to fulfill the requirements for practice AC.3.022, which requires organizations to encrypt CUI on mobile devices and mobile platforms. Using Intune combined with the native polices and configuration options in Azure, users can set device compliance policies and configure Conditional Access to deny access to unencrypted devices to your systems, ensuring compliance with this specific practice. This in addition to data and file encryption applied through Microsoft Information Protection allows organizations to encrypt the data and the container on mobile devices.

 

Intune MDM for CMMC.png

 

In this blog and video below from Matt Soseman, Microsoft Sr Security Architect, you will find more insights on how to meet CMMC with Intune, current feature parity with GCC and GCC High, and other demonstrations on how companies in the Defense Industrial Base (DIB) are deploying Intune for their MDM and MAM needs.

 

 

 

 

 

 

 

3 Comments
John Pell
Copper Contributor
‎Jul 25 2023 05:18 AM
‎Jul 25 2023 05:18 AM

When is AutoPilot getting to GCC-High?

rePell
Copper Contributor
‎Jan 13 2024 08:48 AM
‎Jan 13 2024 08:48 AM

Without AutiPilot, we get new users with local admin that we have to take it away from or alternatively make it difficult and complicated to issue a new laptop: provisioning packages. 

0 Likes
Like
justinO
Microsoft
‎Jan 15 2024 05:19 PM
‎Jan 15 2024 05:19 PM

@rePell - Autopilot is currently in private preview for GCCH. You can also use some of the out of the box experience, enrollment status page, or GPO policy to meet many of the same capabilities you might be looking for with autopilot. 

0 Likes
Like
Co-Authors
Version history
Last update:
‎Mar 30 2021 09:05 AM
Updated by: