How to Connect GCC High and Office 365 for Cross-Cloud Collaboration

It’s a year of upcoming changes for Microsoft 365 and GCC High especially as those changes pertain to cross-cloud collaboration. More than mere name changes, certain plans are no longer available. Additionally, Microsoft 365 Office’s gradual change to Microsoft 365 Copilot works to bridge commercial and government clouds that previously operated in somewhat limited collaborative experiences.

Historically, configuring cross-cloud collaboration between Commercial Office 365 to GCC High hasn’t been without significant security and compliance impacts. Since Copilot is becoming an integral part of Microsoft 365 Office, GCC and GCC High functionality in both commercial and government sectors, preparing for its inevitable influence in cross-cloud collaboration is imperative to stay competitive for government contracts.

An earlier change rolled out in 2023 when the Azure Active Directory (Azure AD) became Microsoft Entra ID. Entra determines who gets access to your organization’s system. Change is often slow to accept, so many businesses who haven’t had to dole out access to other organizations yet may still know Entra ID as Azure AD.

Here’s what you need to know about the changes and how to prepare for the gradual roll-out slated to take place over the next couple of years.

What’s Coming?

Microsoft 365 Copilot’s already been readily available in commercial clouds, but is being developed for government cloud systems making them not only more scalable but ensuring security and compliance standards. Here’s what you can expect:

• GCC: partial usage, partial development, rollout began March 31, 2025
• GCC High: in development, expected late 2025
• DoD: in development, expected summer 2025

The gradual development and implementation allows for those working in both commercial and government cloud environments time to review their administrative settings, communication, identity management, security and compliance needs before migrating Microsoft 365 to GCC High.

Cross-Cloud Collaboration Pricing Considerations

If you live in the commercial cloud, you’re likely concerned more about cutting costs than working with a finite budget like DoD government environments do. Before attempting cross-cloud collaboration, you need to figure out what pricing consideration is right for your organization’s NIST 800-171, DFARS 7012, and CMMC compliance needs and all the internal and external identity management necessities you need to keep your organization thriving.

Azure AD B2C Changes and Pricing

Azure AD External Identities P1 and P2 will no longer be available to purchase for customers, but those using it prior to May 1, can still use it to create new tenants and user flows and will be supported until May 2030. Its new name is Azure AD B2C. At the time of writing this article, there are four licensing tiers available.

The free licensing tier is the lowest tier. There’s no cost to access basic features. However, there are limitations to its functionality. Middle tiers are the Office 365 apps, while the highest tiers are the two premium plans currently at $6 to $9 monthly per user with full functionality. (May 2025)

Azure AD B2B Collaboration Changes and Pricing

Azure AD B2B Collaboration is now Entra External ID B2B Collaboration. There are also four licensing tiers, upgrading to Entra ID Premium if warranted. Microsoft Entra ID Governance adds extra security and controls and is a dedicated cloud environment available on GCC, GCC High and DoD. Pricing depends on your region.

What You Need to Begin Cross-Cloud Collaboration

Ralph Waldo Emerson coined the famous phrase, “It’s not the destination, it’s the journey.” When you’re migrating from one cloud to another, both are critical. You have to consider your end-users and your workflows to create a migratory experience that works and is secure. On the journey, you have need to consider cost-efficiency, information security, your end-users and even whether you would pass a CMMC audit. Find what Entra ID features are in your particular licensing tier and decide if you need to upgrade.

The features of Entra ID, starting with basic B2B identity and access management features. Office 365 enterprise subscribers have all the basic features plus fewer limitations, including 2-way syncing between Entra ID and on-premise directories. Premium Plan 1’s full functionality excludes the I.D. protection and governance that you get in Premium Plan 2, the highest tier.

Your Microsoft cloud settings in the Entra directory allows B2B collaboration between Azure’s commercial cloud and Azure’s government cloud.

Enabling Cross-Tenant Access

Now for the general how-to’s in connecting Office 365 and GCC High.

It’s assumed that you know how to get to Microsoft Entra. You need to be at least a Security Administrator or have a customized role in order to configure new settings.

Sign in to the Entra admin center. Go to Entra ID to External Identities to Cross-tenant access settings and select it. Then select the default settings tab. Here you’ll be able to edit both the inbound and outbound defaults as either allowed or blocked.

Specific organizations follow the same route. Just select organizational settings instead of the default settings tab. From there you can add an organization.

Default Settings

B2B collaboration enables internal users by default. B2B Direct Connect, organizational settings and cross-tenant synchronizations are not by default. You have to configure these settings to allow cross-cloud collaboration.

Identifying Tenancy

Identifying stakeholders in your contracts may take an extra step. You can manage permissions with tools like PowerShell to see who signs in internally and externally. Microsoft Entra’s audit logs record system users, including guest users. You should plan on how long you want to keep the logs should you ever need to look back over longer periods of time to research user activities.

Adding Microsoft Azure Government and Azure China

Let’s say you’re a commercial prime contractor needing to add cross-tenant access to Microsoft Azure Government and Microsoft Azure China. When you check either of these, this should then take you to the government tenancy where you will check Microsoft Azure Commercial. Note that unlike the commercial cloud, Microsoft China will not be listed in GCC High.

Also note that you’ll first validate whether you can send a guest request from Commercial Azure to a GCC High user. If you can’t, the configuration may be incorrect, even if cross-tenant collaboration is enabled.

Making Sure It All Works

After you’ve enabled cross-tenant access and added organizations, validate the connections by posting messages to each other.

Validation one is to send a invitation message from Azure’s commercial cloud to Azure’s government cloud, in this case, GCC High.

Validation two is having GCC High respond by accessing the commercial cloud to your organization. If both messages are received and responded to, cross-tenancy has been enabled.

Now you can configure whatever tenant restrictions work for the cross-tenancy and government contract—for example, user identities and access controls to apps like Teams, Outlook and SharePoint.

Learn More About Cross-Cloud Collaboration

Without cross-cloud collaboration any organization would operate in a silo and in today’s interoperable world you’d not likely thrive. For security’s sake, businesses operating within the commercial cloud that need to connect to GCC High’s government cloud should make managing the identities that access their respective clouds, a first priority.

At Agile IT, we pride ourselves on our expertise in user authentication and access controls that allow for cross-cloud collaboration. So, if your commercial or GCC user wants to collaborate with another user in GCC High, for instance, you can—in fact, we’ve already started connecting Office 365 tenants to GCC High tenants.

We can help you determine the best practice approach to improve your organizational collaboration without compromising CMMC compliance. Schedule a call today to get started.