Check: O365-OU-000010
Microsoft Office 365 ProPlus STIG:
O365-OU-000010
(in versions v2 r11 through v2 r4)
Title
The Publish to Global Address List (GAL) button must be disabled in Outlook. (Cat II impact)
Discussion
This policy setting controls whether Outlook users can publish e-mail certificates to the Global Address List (GAL). If you enable this policy setting, the "Publish to GAL" button does not display in the "E-mail Security" section of the Trust Center. If you disable or do not configure this policy setting, Outlook users can publish their e-mail certificates to the GAL through the "E-mail Security" section of the Trust Center.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Security >> Cryptography >> Do not display 'Publish to GAL' button is set to "Enabled". Use the Windows Registry to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\outlook\security If the value for publishtogaldisabled is REG_DWORD = 1, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Security >> Cryptography >> Do not display 'Publish to GAL' button to "Enabled".
Additional Identifiers
Rule ID: SV-223355r879887_rule
Vulnerability ID: V-223355
Group Title: SRG-APP-000516
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |