5 Critical Steps to Get to The Microsoft 365 GCC High
Are you an IT admin that’s been reading about the GCC High and wondering about your organization’s compliance obligations? Perhaps you’re a local government concerned with CJIS? Maybe you’re a government contractor managing Controlled Unclassified Information (CUI) and need to be complying with federal benchmarks like CMMC, DFARS and ITAR. Whether you’re using Microsoft 365 today or any other system, this is probably a pretty important consideration.
Here at LiftOff, we can help you answer these questions. Haven't heard of us? We'll we’re a group of Microsoft enthusiasts that helps organizations get started with Microsoft 365. We help clients understand and purchase Microsoft 365 licenses, safely migrate their data to the cloud, and finally protect and secure their new cloud environment today and in the future.
In today's post, we're going to present 5 critical steps you need to know as you prepare for your journey to the GCC High.
Step 1
Determining if your organization NEED to be in the GCC High?
Microsoft offers four primary clouds: the first is the Commercial Microsoft 365 cloud which is perfect for small to midsize private businesses that don’t really work with government.
Next is the Government Community Cloud moderate or GCC. If you’re a state and local government and need to meet CJIS compliance standards, this is the cloud for you.
Next up is the GCC High. This U.S. sovereign cloud is designed for US government contractors and is a more secure and compliant version of the commercial cloud or GCC moderate. GCC High data centers are located only in the continental United States and is operated by U.S.-based personnel. The GCC High meets many compliance requirements you might have like NIST and CMMC.
Finally there’s the DOD cloud which you can’t access unless you’re, well, part of the DOD.
Here's a nice table from Richard Wakeman of Microsoft discussing the different features of the four clouds:
If you’re still not sure if you need the GCC High, reach out to us here at LiftOff and we’ll be happy to help.
Step 2
Apply for GCC High Eligibility
If you’ve determined that you do in fact need to move your organization to the GCC High, step 2 is applying for eligibility.
You’ll need to fill out this government community cloud intake form. It should only take a few minutes:
https://usgovintake.embark.microsoft.com
If you’re an eligible government contractor, you should receive approval from Microsoft within a few weeks. Make sure you receive validation as a category 3 entity, as category 2 entities are only allowed into Azure Government, not GCC High.
At this point, you’ll be asked to work with qualified partner to purchase GCC High licenses, which leads us to Step 3.
Step 3
Buy your licenses through LiftOff
Customers can purchase Microsoft 365 for U.S. Government licenses only through select Microsoft partners such as LiftOff. We have hundreds of clients that buy Microsoft licenses from us. We’re happy to work with you whatever your licensing needs – 1 license or 1,000 licenses. We have a dedicated licensing team -- Colin, Nicole, Kristina, and Allison typically respond to licensing questions and quote requests within an hour. These guys are fast!
Before buying your licenses, it will be beneficial for you to have a conversation with us about the complex Microsoft 365 license menu. There are tons of different products and many price points and it can be very confusing to understand. We have tools such as product spreadsheets where you can mock up monthly and annual costs based on different scenarios.
We’re happy to help as we don’t want you to overspend on products that you don’t need.
Step 4
Migrate your data and activate the GCC High tenant
Some of our licensing clients are pretty technical and can handle a data migration to the Microsoft 365 GCC High cloud themselves. And that’s totally fine.
However, if you’d like a partner to help with your data migration and cutover services, LiftOff can help. Over the last 13 years, our engineers have performed over 1,000 migrations to the different Microsoft clouds from any source system that you can imagine.
A very common migration project that we work on is moving from the Microsoft 365 commercial cloud to the GCC High. This can be very complex as there are many different workloads to consider and your domain can only be in 1 tenant at any given time. I could go on and on…
Feel free to reach out to us with migration questions.
Step 5
Security and ongoing maintenance of your tenant
Your new GCC High tenant is NOT secure or compliant out of the box. It’s up to you to optimize spam and malware settings, configure conditional access security policies, and to generally be secure and compliant.
Much of this would be in a typical LiftOff scope of work for a full migration project. If you’re only doing licensing with us, we’d be happy to conduct a security healthcheck to be sure all looks good in your tenant.
Also Microsoft 365 has an evolving feature set and things are constantly changing. Be sure you’re paying attention to all of the Microsoft updates announced in the admin centers.
So that’s it. Five steps to get to the GCC High.
This entire journey can take as long as you want but is typically around 4-8 weeks.
To get a sense of project costs, reach out to us here at LiftOff to discuss your project.
We're happy to help with licensing, migrations or general questions about Microsoft 365.