Configure Outlook Security Mode to use Policy settings.

Configure Outlook Security Mode to use Policy settings. - Outlook.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-17760	DTOO239 - Outlook	SV-18958r1_rule	ECSC-1	Medium

Description
If users can configure security themselves, they might choose levels of security that leave their computers vulnerable to attack. By default, Outlook 2007 users can configure security for themselves, and Outlook ignores any security-related settings that are configured in Group Policy.

STIG	Date
Microsoft Outlook 2007	2015-09-17

Details

Check Text ( C-19023r1_chk )
The policy value for User Configuration -> Administrative Templates -> Microsoft Office Outlook 2007 -> Security -> Security Form Settings “Outlook Security Mode” will be set to “Enabled (Use Outlook Security Group Policy)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security Criteria: If the value AdminSecurityMode is REG_DWORD = 3, this is not a finding.

Check Text ( C-19023r1_chk )

The policy value for User Configuration -> Administrative Templates -> Microsoft Office Outlook 2007 -> Security -> Security Form Settings “Outlook Security Mode” will be set to “Enabled (Use Outlook Security Group Policy)”.

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security

Criteria: If the value AdminSecurityMode is REG_DWORD = 3, this is not a finding.

Fix Text (F-17659r1_fix)
The policy value for User Configuration -> Administrative Templates -> Microsoft Office Outlook 2007 -> Security -> Security Form Settings “Outlook Security Mode” will be set to “Enabled (Use Outlook Security Group Policy)”.