R3 Hybrid Architecture Guide

Estimated reading: 1 minute

The R3 Hybrid Architecture Guide explains how GovCon organizations can handle CUI and FCI using a vertical hybrid model:

  • Identity and access in Microsoft Entra ID

  • Document control in Microsoft 365 GCC High

  • Business execution in the R3 GovCloud Workplace

Use this guide to understand the model, how it aligns with CMMC Level 2 and DFARS 7012, and how to apply it in real environments.

1. Executive Summary
1. Executive Summary

2. GovCon Technology Evolution
2. GovCon Technology Evolution

3. Vertical Hybrid Model
3. Vertical Hybrid Model

4. Execution Plane
4. Execution Plane

5. Document Control Plane
5. Document Control Plane

6. Identity Plane
6. Identity Plane

7. Security & Compliance Alignment
7. Security & Compliance Alignment

8. Shared Responsibility Model (SRM)
8. Shared Responsibility Model (SRM)

9. Operational Assurance & High Availability
9. Operational Assurance & High Availability

10. Customer Control Narrative
10. Customer Control Narrative

Appendix A: Compliance Control Matrix
Appendix A: Compliance Control Matrix

Appendix B: Business Authorization and Least Privilege
Appendix B: Business Authorization and Least Privilege

Next - R3 Hybrid Architecture Guide 2. GovCon Technology Evolution