FedRAMP Authorized — High Impact
Microsoft Teams GCC High by Microsoft. 6 compliance features verified.
Microsoft Teams GCC High
by Microsoft
Impact Level
High
Status
Authorized
Pricing
enterprise
Authorization Date: April 15, 2019 | Sponsoring Agency: DoD
Overview
Microsoft Teams GCC High provides a FedRAMP High authorized collaboration platform for government and defense organizations handling CUI and ITAR data. It offers chat, video meetings, file sharing, and integration with Microsoft 365 GCC High services. All data is stored within the U.S. government cloud boundary.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Microsoft Teams GCC High for Defense Contracts
Microsoft Teams GCC High is available through GSA MAS Contract 47QTCA18D008Y and SEWP V Contract NNG15SC03B. Government pricing is typically 15-20% below commercial rates through volume licensing agreements like Enterprise Agreement (EA) or Microsoft Products and Services Agreement (MPSA). Contracting officers must review the Microsoft 365 GCC High authorization boundary documentation, including the System Security Plan (SSP) covering Teams, SharePoint, Exchange, and supporting Azure Government services. The authorization boundary extends to all integrated M365 services, requiring ISSO review of data flows between Teams, OneDrive, and Power Platform components. Procurement timeline averages 45-90 days including security review, with expedited processing available for existing Microsoft EA customers. For DFARS 7012 compliance, ensure contract language specifies GCC High environment deployment and data residency requirements. CMMC assessment boundary must include Teams integration points with other contractor systems, particularly file sharing capabilities and guest access controls. Contracting officers should verify contractor's Microsoft tenant configuration meets IL4/IL5 requirements and establish data handling procedures for CUI and ITAR information. Standard licensing includes advanced security features like Advanced Threat Protection, but additional compliance tools like Microsoft Purview may require separate procurement consideration.
Compliance Cross-References
Microsoft Teams GCC High directly supports DFARS 252.204-7012 covered defense information requirements through FedRAMP High controls and Azure Government infrastructure. For DFARS 252.239-7010 cloud computing security, the platform satisfies penetration testing, encryption at rest/in transit, and incident reporting requirements through its DoD SRG IL4/IL5 authorization. NIST 800-171 control family alignment includes: Access Control (AC) through conditional access policies and MFA; System and Communications Protection (SC) via TLS 1.2 encryption and network segregation; and Audit and Accountability (AU) through unified audit logging and Microsoft Purview. CMMC Level 2 domain coverage spans Access Control (AC.L2), Identification and Authentication (IA.L2), System and Communications Protection (SC.L2), and System and Information Integrity (SI.L2) through integrated security features. DoD Cloud Computing SRG requirements are met through Azure Government's FedRAMP High baseline implementation, including data location controls, personnel screening, and continuous monitoring. Using Teams GCC High within the assessment boundary provides evidence of safeguarding CUI through technical controls rather than administrative procedures, strengthening CMMC compliance posture.
Defense Contractor Use Case
Defense contractors use Teams GCC High as their primary collaboration platform for daily communications, meetings, and document sharing involving CUI and ITAR-controlled information.
Related Products
More Collaboration Products
Related Compliance Assessments
Frequently Asked Questions
What is the FedRAMP authorization level for Microsoft Teams GCC High?
Microsoft Teams GCC High is authorized at the FedRAMP High impact level, with authorization granted on 2019-04-15 sponsored by DoD. The FedRAMP High baseline includes approximately 421 security controls and is the most rigorous authorization level.
Can defense contractors use Microsoft Teams GCC High for CUI?
Yes, Microsoft Teams GCC High is authorized at the FedRAMP High baseline, which is suitable for protecting CUI. Defense contractors can use this platform for processing, storing, and transmitting CUI in compliance with NIST 800-171 and DFARS 252.204-7012 requirements. The High baseline provides the most comprehensive set of security controls for cloud services.
How does Microsoft Teams GCC High pricing compare to commercial?
Microsoft Teams GCC High government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Microsoft directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Microsoft Teams GCC High FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days