27.05.2022 09:30

GCC Security Checklist Organizations Need to Know


Microsoft GCC is an offering from Microsoft for government or government-linked entities that require access to the Agreement Online Services Government Program (AOSG).

Companies and organizations that do not use any controlled and unclassified information are allowed GCC licensing.

Office 365 GCC High, on the other hand, is required for all DoD contractors who must comply with Cybersecurity Maturity Model Certification level 3 and above, and DFARS 7012.

They also need to have practices in place to handle all Controlled Unclassified Information and ITAR data. Below is the GCC Security Checklist recommended for all organizations:

Legacy Email Protocol

Legacy protocols are used by many organizations because of their simplicity. Because they are old, newer and more secure protocols have replaced them; moving to the newer ones puts organizations on a better protocol system and improves the overall security stance. Organizations should therefore disable legacy email protocols if they are not required.


Automation can verify and act on hackers and viruses much sooner than a human can. Organizations should turn on automated alerting and monitoring, as it will notice any unusual activity before anyone else can.

Multi-Factor Authentication (MFA)

Organizations can easily tackle credential theft affecting Office 365 users by turning on multi-factor authentication. By default, this option is not enabled. This is the most important security step an administrator can take to secure their Office 365 tenants.

Mailbox Auditing

Organizations can avoid all the security risks that can arise through a mailbox by enabling the mailbox auditing feature for each user in the company.

Generally, an intrusion starts from a mailbox, as the hacker (attacker) aims to extend their access within the system and spread from one mailbox to another.

Global Admins Should Use the Principle of Least Privilege

Under today's circumstances, Global administrators are advised not to use an account with elevated authentications and privileges for daily work.

Instead, they are recommended to create a different account with the GA privileges and authentications for administrative use.

They should use application profiles that let them create a token to authenticate into the tenant. After the GA authorizes the application, the credentials are no longer needed to authenticate the application. Organizations can use Microsoft SharePoint Migration services to migrate their data to a Microsoft GCC license.

Limit End-User Permissions

End users are often granted access and permissions at higher levels than they need. Such authorizations and permissions pose a security threat: if the account is compromised, the hackers have all of those privileges and can act on them.

Unified Audit Log

Organizations should turn on the unified audit logging feature from the compliance and security center, as it is not enabled by default. When it is enabled, administrators can determine the impact of security breach attempts quickly and easily.
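
The following read-only PowerShell check is an added example, not part of the original article and not Microsoft or Apps4Rent tooling. It reports the Legacy Email Protocol, Mailbox Auditing and Unified Audit Log items from Exchange Online settings; the function name Get-ChecklistFinding, the sample mailboxes, and the choice of POP3 and IMAP4 as the legacy protocols are assumptions.

```powershell
# Added example, not from the original article. Read-only: it changes nothing.
# Assumption: POP3 and IMAP4 are treated as the "legacy email protocols".
function Get-ChecklistFinding {
    param(
        [Parameter(Mandatory)] [object[]] $CasMailboxes,   # from Get-CASMailbox
        [Parameter(Mandatory)] [object[]] $Mailboxes,      # from Get-Mailbox
        [Parameter(Mandatory)] [object]   $OrgConfig,      # from Get-OrganizationConfig
        [Parameter(Mandatory)] [object]   $AuditLogConfig  # from Get-AdminAuditLogConfig
    )
    # Legacy Email Protocol: mailboxes that still allow POP3 or IMAP4.
    $legacy = @($CasMailboxes | Where-Object { $_.PopEnabled -or $_.ImapEnabled })
    # Mailbox Auditing: per-mailbox flag, reported next to the organization-wide
    # switch (AuditDisabled = $true turns default mailbox auditing off).
    $unaudited = @($Mailboxes | Where-Object { -not $_.AuditEnabled })

    [pscustomobject]@{
        LegacyProtocolUsers    = @($legacy | ForEach-Object PrimarySmtpAddress)
        UnauditedUsers         = @($unaudited | ForEach-Object PrimarySmtpAddress)
        OrgAuditingDisabled    = [bool]$OrgConfig.AuditDisabled
        UnifiedAuditLogEnabled = [bool]$AuditLogConfig.UnifiedAuditLogIngestionEnabled
    }
}

# Constructed sample objects so the function can be tried offline.
$cas = @(
    [pscustomobject]@{ PrimarySmtpAddress = 'a.user@example.com'; PopEnabled = $true;  ImapEnabled = $false }
    [pscustomobject]@{ PrimarySmtpAddress = 'b.user@example.com'; PopEnabled = $false; ImapEnabled = $false }
)
$mbx = @(
    [pscustomobject]@{ PrimarySmtpAddress = 'a.user@example.com'; AuditEnabled = $true }
    [pscustomobject]@{ PrimarySmtpAddress = 'b.user@example.com'; AuditEnabled = $false }
)
$org   = [pscustomobject]@{ AuditDisabled = $false }
$audit = [pscustomobject]@{ UnifiedAuditLogIngestionEnabled = $false }

# Against a live tenant (after Connect-ExchangeOnline), replace the samples with:
#   $cas   = Get-CASMailbox -ResultSize Unlimited
#   $mbx   = Get-Mailbox -ResultSize Unlimited
#   $org   = Get-OrganizationConfig
#   $audit = Get-AdminAuditLogConfig

$finding = Get-ChecklistFinding -CasMailboxes $cas -Mailboxes $mbx -OrgConfig $org -AuditLogConfig $audit
$finding | Format-List
if (-not $finding.UnifiedAuditLogEnabled) { Write-Warning 'Unified audit log ingestion is off.' }
```

Run Get-AdminAuditLogConfig in Exchange Online PowerShell; in Security & Compliance PowerShell the UnifiedAuditLogIngestionEnabled value always reads False.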

These are the recommendations for all organizations using GCC licensing, as they help improve the security stance of the company. Apps4Rent provides GCC licensing with great support and security enhancements.

They also have expertise in virtual solutions such as Desktop as a Service with great end-user support, maintenance, and security.