Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Users must be prevented from using the remote fetch feature to access files on the machine (64 bit).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-71327 | DTOO603 | SV-85951r2_rule | Medium |
| Description |
|---|
| This setting will prevent users from going to onedrive.com to use the remote fetch feature to browse the file system of the machine (a feature supported on OneDrive running on Windows with the exception of Windows 8.1). This setting is for machines running 64-bit versions of Windows. |
| STIG | Date |
|---|---|
| Microsoft OneDrive for Business 2016 Security Technical Implementation Guide | 2020-03-23 |
Details
| Check Text ( C-71725r11_chk ) |
|---|
| Note: It is important to load the OneDrive ADMX/L templates under the DISA GPO Baseline Package under the ADMX Templates\OneDrive NextGen in order to view and set the settings appropriately. The DISA GPO Baseline Package can be downloaded from the DoD Cyber Exchange. Verify the policy value for Computer Configuration -> Administrative Templates -> OneDrive -> "Prevent users from using the remote fetch feature to access files on the machine (64-bit)" is set to "Enabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Wow6432Node\Microsoft\OneDrive\Remote Access Criteria: If the value GPOEnabled is REG_DWORD = 1, this is not a finding. |
| Fix Text (F-77635r2_fix) |
|---|
| Set the policy value for Computer Configuration -> Administrative Templates -> OneDrive -> "Prevent users from using the remote fetch feature to access files on the machine (64-bit)" to "Enabled". |