GCC High was created to meet the needs of DoD and Federal contractors that needed to meet the stringent cybersecurity and compliance requirements of NIST 800-171, FedRAMP High, and ITAR, or who need to manage CUI/CDI. GCC High is technically a copy of the DoD cloud but exists in its own sovereign environment.
With GCC High, you begin to see a noticeable loss of feature parity with commercial environments. Things like Calling Plans and Compliance Manager aren’t available, and several tools like Microsoft Defender ATP, Cloud App Security and Intune are missing a few functions. The reasons for this are threefold. [Update: Agile IT is now able to enable calling and audio conferencing in GCC High]
First is the federal approval process. Each feature must be rigorously tested in the DoD and GCC High clouds to assure compliance and security.
Secondly, for many of the applications, a dedicated staff that has passed Department of Defense IT-2 adjudication based on an Office of Personnel Management investigation is required for development and support.
Finally, some of Microsoft 365 applications will fail to meet compliance requirements by their very nature. Ironically, this happens most frequently with security and governance tools, since they require standing access to data in order to be effective. In some cases, when the tools are critical, such as Azure Sentinel, Cloud App Security and Microsoft Defender the tools are almost completely rebuilt to meet these criteria. For other tools, like Yammer, they are simply left behind with no intent to bring them onto the roadmap.
Feature Parity changes constantly. There are two places where customers can keep up with what is available. The first is the Microsoft Service Description Pages for each product, secondly, you can filter the Office 365 development roadmap for GCC High under the “Cloud Instance” filter.
GCC High Eligibility
GCC High is reserved for the Defense Industrial Base (DIB), DoD contractors, and Federal Agencies. Every customer hoping to move to GCC High must first receive validation from Microsoft, which we cover in our blog, Getting GCC High Validation from Microsoft.
I hope this information will be helpful!