规划 Microsoft 365 合规性– GCC HighPlan for Microsoft 365 compliance – GCC High

本指南适用于推动美国联邦政府实体或其他实体(用于处理政府法规和要求的数据)中的 Office 365 部署的 IT 专业人员,其中 Microsoft 365 政府– GCC High 的使用适用于满足这些要求。This guidance is for IT pros who are driving deployments of Office 365 in US Federal Government entities or other entities that handle data that’s subject to government regulations and requirements, where the use of Microsoft 365 Government – GCC High is appropriate to meet these requirements.

备注

如果您的组织已满足 Microsoft 365 政府– GCC 高资格要求,并已应用并被接受到程序中,则可以跳过步骤1和步骤2,直接转到步骤3。If your organization has already met the Microsoft 365 Government – GCC High eligibility requirements and applied for and been accepted into the program, you can skip steps 1 and 2 and go directly to step 3.

步骤 1.Step 1. 确定您的组织是否需要 Microsoft 365 政府– GCC 高并满足资格要求Determine whether your organization needs Microsoft 365 Government – GCC High and meets eligibility requirements

Microsoft 365 政府-GCC 高环境符合美国政府对云服务的要求。The Microsoft 365 Government - GCC High environment complies with US Government requirements for cloud services. 除了享受 Office 365 的特性和功能外,组织还可以受益于 Microsoft 365 政府(GCC 高)所特有的以下功能:In addition to enjoying the features and capabilities of Office 365, organizations benefit from the following features that are unique to Microsoft 365 Government – GCC High:

  • 您的组织的客户内容在 Microsoft 的商业版 Office 365 服务中从逻辑上隔离。Your organization’s customer content is logically segregated from customer content in the commercial Office 365 services from Microsoft.
  • 您组织的客户内容存储在美国境内。Your organization’s customer content is stored within the United States.
  • 对组织的客户内容的访问权限只限于屏蔽的 Microsoft 员工。Access to your organization’s customer content is restricted to screened Microsoft personnel.
  • Microsoft 365 政府– GCC 高符合美国公共事业部门客户所需的认证和资格鉴定。Microsoft 365 Government – GCC High complies with certifications and accreditations that are required for US public sector customers.

您可以在 Office 365 政府版计划(包括资格要求)中找到有关 Microsoft 365 政府– GCC 高级版的详细信息。You can find more information about the Microsoft 365 Government – GCC High offering for US Government customers at Office 365 Government plans, including eligibility requirements.

Office 365 美国政府版服务说明介绍了平台的优势,这些优点在美国的符合合规性要求中居中显示。The Office 365 US Government service description describes the platform’s benefits, which are centered on meeting compliance requirements within the United States.

提示

您可能需要将服务说明中的信息表转移到 Excel 工作簿中,并添加两列: 与我的组织的相关信息 y/n 相关   并 满足我的组织的需要 y/nYou might want to transfer the tables of information in the service description into an Excel workbook and add two columns: Relevant for my organization Y/N and Meets the needs of my organization Y/N. 然后,您可以与同事一起查看此列表,以确认此服务是否满足组织的需求。Then you can review this list with your colleagues to confirm that this service meets your organization’s needs.

决策点Decision points:

  • 确定 Microsoft 365 政府–高级版是否适合您的组织。Decide whether Microsoft 365 Government – GCC-High is appropriate for your organization.
  • 确认您的组织满足资格要求。Confirm that your organization meets eligibility requirements.

备注

Microsoft 365 政府版-GCC 高版仅适用于美国国家/地区。Microsoft 365 Government - GCC High is only available in the United States. 非美国政府客户可以从多个 Office 365 政府计划中进行选择。Non–US Government customers can choose from a number of Office 365 Government plans.

步骤 2.Step 2. 适用于 Microsoft 365 政府– GCC-高Apply for Microsoft 365 Government – GCC-High

如果认为此服务适合您的组织,请启动 应用此服务的过程。Having decided that this service is right for your organization, start the process of applying for this service.

步骤 3.Step 3. 了解 Microsoft 365 政府– GCC-高默认安全设置Understand Microsoft 365 Government – GCC-High default security settings

我们建议您在修改管理员和安全设置之前,先仔细检查管理员和安全设置,并考虑对合规性产生的影响,然后再对默认安全设置进行任何更改。We recommend that you take time to carefully review your admin and security settings before you modify them and consider the impact on compliance before you make any changes to the default security settings.

决策点决定是否要修改任何默认的 Microsoft 365 政府– GCC-高安全设置,先解决,以了解您可能进行的任何更改的影响。Decision point: Decide whether you’ll modify any of the default Microsoft 365 Government – GCC-High security settings, resolving to first understand the impact of any changes you might make.

步骤 4.Step 4. 了解默认情况下在 Microsoft 365 政府中目前不可用或禁用的功能。 GCC-高1Understand which capabilities are currently unavailable or disabled by default in Microsoft 365 Government – GCC-High1

为满足我们政府云客户的要求,Microsoft 365 政府– GCC-高和企业版计划之间存在一些差异。To meet the requirements of our government cloud customers, there are some differences between Microsoft 365 Government – GCC-High and enterprise plans. 请参阅下表以查看哪些功能可用。Refer to the following table to see which features are available.

功能Feature GCC 状态GCC Status
信息保护Information protection 统一的标签和敏感度标签Unified labeling and sensitivity labels 可用Available
Sharepoint Online 的容器标签、Office 组Container labels for Sharepoint Online, Office Groups 即将推出Rolling out
基于敏感数据类型(针对 Excel Online、SharePoint Online、OneDrive for Business)自动标记Auto labeling based in sensitive data types for Excel Online, SharePoint Online, OneDrive for Business 即将推出Rolling out
基于 Win32 和 Mac Office 客户端的敏感数据类型的标签Labels based on sensitive data types for Win32 and Mac Office clients 在工程工作积压On engineering backlog
基于 Win 32、Mac 的敏感数据类型自动添加标签Auto labeling based on sensitive data types for Win 32, Mac 在工程工作积压On engineering backlog
基于团队的敏感数据类型自动添加标签Auto labeling based on sensitive data types for Teams 在工程工作积压On engineering backlog
基于移动的敏感数据类型自动添加标签Auto labeling based on sensitive data types for Mobile 在工程工作积压On engineering backlog
基于查询的标签和关联策略Labels and associated policies based on queries 可用Available
标签活动资源管理器Label Activity Explorer 在工程工作积压On engineering backlog
可训练的分类器Trainable classifiers 在工程工作积压On engineering backlog
基本 Office 365 邮件加密 (E3) Basic Office 365 Message Encryption (E3) 可用Available
高级 Office 365 邮件加密 (E5) Advanced Office 365 Message Encryption (E5) 可用Available
Office 365 的客户密钥Customer Key for Office 365 可用Available
为客户管理的密钥预配生命周期提供你自己的密钥 (BYOK) Bring Your Own Key (BYOK) for customer-managed key provisioning life cycle 可用Available
保留您自己的密钥 (HYOK) ,以跨越 Azure 信息保护和 Active Directory (AD) 对高度管控方案的权限管理 (Preview) Hold Your Own Key (HYOK) that spans Azure Information Protection and Active Directory (AD) Rights Management for highly regulated scenarios (Preview) 可用Available
双密钥加密Double Key Encryption 在工程工作积压On engineering backlog
文件和电子邮件的数据丢失防护 (DLP) Data loss prevention (DLP) for files and email 可用Available
适用于团队聊天和频道对话的 DLPDLP for Teams chat and channel conversations 即将推出Rolling out
DLP 精确数据匹配DLP exact data match 在工程工作积压On engineering backlog
DLP 终结点DLP Endpoint 在工程工作积压On engineering backlog
信息治理Information governance 电子邮件存档Email Archiving 可用Available
保留锁定Preservation lock 可用Available
导入 PSTImport PST 可用Available
手动非记录保留标签Manual non-record retention labels 可用Available
SharePoint/OneDrive for Business 库、文件夹和文档集的默认保留标签;Exchange 收件箱;和 Office 365 组Default retention labels for SharePoint/OneDrive for Business libraries, folders and document sets; Exchange inboxes; and Office 365 Groups 可用Available
对整个组织的保留策略;特定位置或用户;并根据特定条件自动 (例如,关键字或敏感信息) Retention policies to entire organization; specific locations or users; and automatically based on specific condition (e.g. keywords or sensitive information) 可用Available
带有 trainable 分类器的保留策略Retention policies with trainable classifier 在工程工作积压On engineering backlog
Yammer 和团队的保留策略Retention policies for Yammer and Teams 在工程工作积压On engineering backlog
手动记录标签Manual record labels 可用Available
SharePoint、OneDrive for business 库、文件夹和文档集的默认记录标签。和 Office 365 组Default record labels for SharePoint, OneDrive for Business libraries, folders, and document sets; and Office 365 groups 可用Available
根据特定条件自动记录策略 (例如关键字或敏感信息) ;基于事件Automatic record policies based on specific conditions (e.g. keywords or sensitive information); and based on an event 可用Available
处置评审Disposition review 可用Available
文件计划管理器File plan manager 可用Available
处置证明Proof of disposal 可用Available
法规记录Regulatory records 在工程工作积压On engineering backlog
记录管理许可实施Records management licensing enforcement 在工程工作积压On engineering backlog
记录管理多阶段处置评审Records management multi-stage disposition review 在工程工作积压On engineering backlog
标签活动资源管理器Label Activity Explorer 在工程工作积压On engineering backlog
可训练的分类器Trainable classifiers 在工程工作积压On engineering backlog
统一的标签和敏感度标签Unified labeling and sensitivity labels 在工程工作积压On engineering backlog
内部风险管理Insider risk management 客户密码箱Customer Lockbox 可用Available
用于团队、SharePoint 网站、电子邮件消息的 Office 指示器Office indicators for Teams, SharePoint sites, email messaging 即将推出Rolling out
通过去声用户窃取数据Data theft by departing users 即将推出Rolling out
常规数据泄露General data leaks 即将推出Rolling out
调查内幕风险管理警报Investigate insider risk management alerts 即将推出Rolling out
内幕风险管理案例仪表板、内容浏览器和通知模板Insider risk management case dashboard, content explorer and notice templates 即将推出Rolling out
用于调查高级电子数据展示的升级Escalate for investigation for Advanced eDiscovery 即将推出Rolling out
按优先级用户 (预览的数据泄露) Data leaks by priority users (preview) 在工程工作积压on engineering backlog
因不满用户 (预览而进行的数据泄露) Data leaks by disgruntled users (preview) 在工程工作积压on engineering backlog
(预览的常规安全策略冲突) General security policy violations (preview) 在工程工作积压on engineering backlog
安全策略违反:优先级用户、传出用户、不满意的用户 (预览) Security policy violations by priority users, departing users, disgruntled users (preview) 在工程工作积压on engineering backlog
(预览的策略自定义) Policy customization (preview) 在工程工作积压on engineering backlog
(预览中导出警报) Export alerts (preview) 在工程工作积压on engineering backlog
(预览的优先级用户组) Priority user groups (preview) 在工程工作积压on engineering backlog
创建客户策略,3预配置为符合通信合规性 (包括。监察策略) Create customer policies, 3 pre-configured for Communication Compliance (incl. Supervision policies) 即将推出Rolling out
包括的通信合规性 (。监督策略) 对团队、Exchange 和删除团队邮件的支持Communication compliance (incl. Supervision policies) support for Teams, Exchange, and remove Teams message 即将推出Rolling out
包括的通信合规性 (。监督策略) 访问警报;通知模板;通信策略仪表板Communication Compliance (incl. Supervision policies) access alerts; notice templates; communication policy dashboard 即将推出Rolling out
包括的通信合规性 (。用于调查高级电子数据展示的监察策略) 升级Communication Compliance (incl. Supervision policies) escalate for investigation for Advanced eDiscovery 即将推出Rolling out
包括的通信合规性 (。监督策略) 检测成人内容Communication Compliance (incl. Supervision policies) detect adult content 即将推出Rolling out
信息屏障Information barriers 在工程工作积压On engineering backlog
特权访问管理Privileged access management 在工程工作积压On engineering backlog
发现 & 响应Discover & respond 核心电子数据展示:就地保留Core eDiscovery: In-place preservation 可用Available
核心电子数据展示:案例管理Core eDiscovery: Case management 可用Available
核心电子数据展示:搜索Core eDiscovery: Search 可用Available
核心电子数据展示:导出Core eDiscovery: Export 可用Available
核心电子数据展示: RMS 解密Core eDiscovery: RMS decryption 可用Available
核心电子数据展示:本地导出Core eDiscovery: Native export 可用Available
核心电子数据展示:审核Core eDiscovery: Auditing 可用Available
高级电子数据展示:高级处理Advanced eDiscovery: Advanced processing 即将推出Rolling out
高级电子数据展示:电子邮件线程Advanced eDiscovery: Email threading 即将推出Rolling out
高级电子数据展示:接近重复标识Advanced eDiscovery: Near duplicate identification 即将推出Rolling out
高级电子数据展示:主题Advanced eDiscovery: Themes 即将推出Rolling out
高级电子数据展示:预测编码Advanced eDiscovery: Predictive coding 即将推出Rolling out
高级电子数据展示:已处理加载文件的导出Advanced eDiscovery: Processed export with load file 即将推出Rolling out
高级电子数据展示:标记Advanced eDiscovery: Tagging 即将推出Rolling out
高级电子数据展示:查看者Advanced eDiscovery: Viewers 即将推出Rolling out
高级电子数据展示:密文Advanced eDiscovery: Redactions 即将推出Rolling out
高级电子数据展示:筛选Advanced eDiscovery: Filtering 即将推出Rolling out
高级电子数据展示:保管人到工作负载映射Advanced eDiscovery: Custodian to workload mapping 即将推出Rolling out
高级电子数据展示:保管人通信Advanced eDiscovery: Custodian communications 即将推出Rolling out
高级电子数据展示:审阅集Advanced eDiscovery: Review sets 即将推出Rolling out
高级电子数据展示:审阅和批注Advanced eDiscovery: Review and annotate 即将推出Rolling out
高级电子数据展示:非 Office 365 摄取Advanced eDiscovery: Non-Office 365 ingestion 即将推出Rolling out
高级电子数据展示:搜索词报告Advanced eDiscovery: Search Term report 即将推出Rolling out
基本审核Basic audit 可用Available
高级审核:对关键事件的访问 (例如 mailitemsaccessed) Advanced Audit: Access to crucial events (e.g. mailitemsaccessed) 即将推出Rolling out
(1 年的高级审核日志保留) Advanced Audit log retention (1 year) 即将推出Rolling out
高级审核增加了管理活动 API 的带宽Advanced Audit increased bandwidth to management activity API 即将推出Rolling out
遵从性管理Compliance Management 合规性管理器和分数Compliance Manager and Score 在工程工作积压On engineering backlog

1 标识的状态可能会随着项目计划和优先级的重新评估而发生更改。1 Identified status is subject to change as project plans and priorities are reevaluated.
2 手动应用标签需要 Azure 信息保护 (AIP) 客户端版本 12 Manual application of labels requires Azure Information Protection (AIP) client version 1.

决策点决定合规性功能是否满足组织的需求。Decision point: Decide whether the compliance features meet your organization’s needs.