in ,

Microsoft Changes Government Cloud Access Requirements to Help Small Businesses Adopt CMMC Standards


Microsoft has modified the requirements needed by members of the defense industrial base applying for access to the company's U.S. government cloud offerings to help them adapt to the Department of Defense's new Cybersecurity Maturity Model Certification standards.

Small businesses looking to use Microsoft 365 Government Community Cloud High are now only required to submit a valid, five-character Commercial and Government Entity code issued by the General Services Administration, or the applicant's own Data Universal Number Systems number to access GCC High, the company said Thursday. 

Previously, DIB members needed to present a contract or letter that includes the DOD's approval of cybersecurity requirements to apply for access to the cloud service, which works to help federal agencies and commercial partners manage sensitive data.

According to the company, CAGE and DUNS are requested by the Pentagon from businesses pursuing defense contractual opportunities, making the numbers appropriate justification.

In addition to contractors with a Category 3 notice, Microsoft is now allowing Category 1 and 2 businesses to have Microsoft 365 GCC High licensing by buying it from an authorized seller under the Microsoft Agreement for Online Services – Government program.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Contract Awards


Written by Nichols Martin

a staff writer at Executive Mosaic, produces articles on the federal government's technology and business interests. The coverage of these articles include government contracting, cybersecurity, information technology, health care and national security.

Microsoft, HITRUST Unveil Security Controls Compliance Matrix for Azure
The MIL Corp.
MIL Books $81M Navy Systems Engineering IDIQ