Lots and lots (thousands) of government security requirements covering every aspect of the enclave and everyone who’s allowed to touch it.
GovCloud isn’t just some marketing label Microsoft made up to cash in. It’s a US federal system that operates in commercial clouds (AWS and Azure, thus far). And the federal government doesn’t trust cloud at all, so they’ve made earning the GovCloud designation about as painful as they possibly can.
Amazon has a good description of the standards they have to meet here, and it’s the same for Microsoft:
Like what?
Lots and lots (thousands) of government security requirements covering every aspect of the enclave and everyone who’s allowed to touch it.
GovCloud isn’t just some marketing label Microsoft made up to cash in. It’s a US federal system that operates in commercial clouds (AWS and Azure, thus far). And the federal government doesn’t trust cloud at all, so they’ve made earning the GovCloud designation about as painful as they possibly can.
Amazon has a good description of the standards they have to meet here, and it’s the same for Microsoft:
https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/govcloud-compliance.html