GCC (Government Community Cloud) is a cloud environment provided by Microsoft Azure that is specifically designed to meet the unique requirements of the U.S. government. GCC Low and GCC High are two different tiers of GCC, each with different security and compliance requirements.
GCC Low is intended for use by U.S. government organizations that handle sensitive but unclassified (SBU) data and have less stringent compliance requirements. GCC High is intended for use by U.S. government organizations that handle sensitive and/or classified data and have more stringent compliance requirements.
With the implementation of GCC Low and GCC High, there have been some changes in terms of security and compliance requirements. GCC High has more stringent security controls and compliance requirements compared to GCC Low.
Regarding handling of CUI (controlled unclassified information) related materials, it is important to note that handling of CUI is subject to compliance with the specific regulations and guidelines set by the agency responsible for the data. GCC High provides more stringent security controls and compliance requirements compared to GCC Low, but it is not guaranteed that compliance with CUI handling can only be achieved by using GCC High. It's important to consult the specific regulations and guidelines set by the agency responsible for the data, to ensure that your organization is compliant with CUI handling.