UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Microsoft OneDrive for Business 2016 Security Technical Implementation Guide


Overview

Date Finding Count (13)
2020-03-23 CAT I (High): 0 CAT II (Med): 13 CAT III (Low): 0
STIG Description
The Microsoft OneDrive for Business 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Public)

Finding ID Severity Title
V-71317 Medium File Downloads must be configured for proper restrictions.
V-71313 Medium Links that invoke instances of Internet Explorer from within an Office product must be blocked.
V-71311 Medium Add-on Management functionality must be allowed.
V-71305 Medium Navigation to URLs embedded in Office products must be blocked.
V-71297 Medium Disabling of user name and password syntax from being used in URLs must be enforced.
V-71319 Medium Protection from zone elevation must be enforced.
V-71309 Medium Scripted Window Security must be enforced.
V-71301 Medium Enabling IE Bind to Object functionality must be present.
V-71327 Medium Users must be prevented from using the remote fetch feature to access files on the machine (64 bit).
V-71303 Medium Saved from URL mark to assure Internet zone processing must be enforced.
V-71323 Medium Users must be prevented from using the remote fetch feature to access files on the machine (32 bit).
V-71331 Medium Users must be prevented from configuring personal OneDrive accounts.
V-71321 Medium ActiveX Installs must be configured for proper restriction.