The U.S. Department of Defense (DoD) has unique information protection requirements that extend beyond the common set of requirements established by the Federal Risk and Authorization Management Program (FedRAMP) program. Using FedRAMP requirements as a foundation, the U.S. DoD specifically has defined additional cloud computing security and compliance requirements in their DoD Cloud Computing Security Requirements Guide (SRG). Cloud Service Providers (CSPs) supporting U.S. DoD customers are required to comply with these requirements.
DoD IL4 is a designation that includes controlled unclassified information (CUI), including export controlled data, personally identifiable information (PII), and protected health information (PHI), along with other mission critical data.
Additional information can be found at https://www.salesforce.com/solutions/industries/government/compliance/.