Trace Id is missing
two guys looking at the computer

Working with the Department of Defense? You’ll need to get certified.

Check out this useful guide for small and medium-sized organizations to implement the latest Microsoft 365 and Azure capabilities for satisfying CMMC Level 1 practices.
Get the guide

Cybersecurity Maturity Model Certification (CMMC)

What is CMMC?

The U.S. Department of Defense (DoD) is implementing the Cybersecurity Maturity Model Certification (CMMC) to verify the cybersecurity of its supply chain. The certification encompasses three maturity levels with progressively more demanding requirements on processes and practices.

Why CMMC?

Part of the DoD’s focus on the security and resiliency of the Defense Industrial Base (DIB) sector is working with industry to enhance the protection of sensitive information and intellectual property within the supply chain.

Who needs to be certified?

CMMC will impact all organizations that provide goods or services to the DoD. It is currently pending rulemaking completion (expected between late 2022 to late 2023). When fully implemented, CMMC will be a DoD contractual requirement and a condition for award.

Microsoft can help you get certified

Accelerate your CMMC accreditation process, no matter which level you need
shield blue icon

Strengthen your cybersecurity baseline

control blue icon

Control and protect sensitive data

Streamline compliance blue icon

Streamline compliance

Microsoft Cloud service offerings

Microsoft 365

Reimagine the way you work with an integrated solution including Teams, OneDrive cloud storage, and Office apps.

Microsoft Product Placemat for CMMC 2.0 Level 2

Learn more

Microsoft 365 Roadmap

Learn more

  • Microsoft 365 for Enterprise

    Microsoft 365 deliver the power of cloud productivity to organizations of all sizes, helping save time, money, and free up valued resources. The Worldwide instance provides compliance with FedRAMP High for some services.

    Learn more

  • Microsoft 365 GCC

    Microsoft 365 Government (GCC) provides compliance with FedRAMP High, Defense Federal Acquisition Regulations Supplement (DFARS) and DISA Cloud Computing Security Requirement Guide (CC SRG) Impact Level 2.

    Learn more

  • Microsoft 365 GCC High and DoD

    Delivers compliance with FedRAMP High, Defense Federal Acquisition Regulations Supplement (DFARS), DISA Cloud Computing Security Requirement Guide (CC SRG) Impact Level 4, and International Traffic in Arms Regulations (ITAR).

    Learn more

Microsoft Azure

Achieve your goals with the freedom and flexibility to build, manage, and deploy your applications anywhere.

CMMC Level 3 Regulatory Compliance built in Azure Policies

Learn more

Microsoft Defender for Cloud

Learn more

Azure Compliance

Learn more

  • Microsoft Azure Commercial

    Build and manage powerful applications using Microsoft Azure cloud services. Microsoft Office 365 Commercial and Microsoft Office 365 GCC are both paired with Azure AD in Commercial.

    Learn more

  • Microsoft Azure Government

    Azure Government is our fully isolated cloud environment designed for data sovereignty. Delivers compliance with FedRAMP High, DFARS 7012, DoD CC SRG IL4/5, ITAR and EAR.

    Learn more

Microsoft Dynamics 365 and Power Platform

Adapt and innovate with the only portfolio of business applications that empowers your organization to deliver operational excellence and serve every constituent.

Dynamics 365 for US Government

Learn more

Power Apps for US Government

Learn more

Power Automate for US Government

Learn more

  • Dynamics 365 - Commercial

    Deliver positive customer experiences faster. Optimize resources and help technicians be more efficient. Reduce operational costs. Dynamics 365 in Commercial is compatible with Azure AD in Commercial.

    Learn more

  • Dynamics 365 – GCC and GCC-H

    The services offered in GCC and GCC High are further protected with heightened compliance demands. Check the feature availability site to learn which features are available in each environment.

    Learn more
question mark icon

Need help deciding which Microsoft Cloud you need?

Read the blog

Resources

Blog Guide Other Webinar/Video
  • Blog

    Accelerating CMMC compliance for Microsoft cloud

    Read Blog
  • Blog

    Microsoft CMMC Acceleration Program Update

    Read Blog
  • Blog

    History of Microsoft Cloud Service Offerings leading to the US Sovereign Cloud for Government

    Read Blog
  • Blog

    Understanding Compliance Between Microsoft 365 Commercial, GCC, GCC-High and DoD Offerings

    Read Blog
  • Blog

    The Microsoft 365 Government (GCC High) Conundrum - DIB Data Enclave vs Going All In

    Read Blog
  • Blog

    Microsoft expands qualification of contractors for government cloud offerings

    Read Blog
  • Guide

    Microsoft CMMC 2.0 Level 1 Implementation Guide

    Read guide
  • Guide

    A guide to buying Microsoft 365 for Government

    Read guide
  • Guide

    CMMC templates in Compliance Manager

    Read guide
  • Guide

    A guide to buying Azure for Government

    Read guide
  • Guide

    Build your Azure environment using Microsoft built reference architectures which enable security and compliance

    Read guide
  • Other

    Official CMMC FAQ by the CMMC-AB

    Read FAQ
  • Other

    Microsoft Product Placemat for CMMC Level 3

    Read FAQ
Back to tabs
Follow us
Back To Top