Check: O365-OU-000010
Microsoft Office 365 ProPlus STIG:
O365-OU-000010
(in versions v3 r1 through v1 r2)
Title
The Publish to Global Address List (GAL) button must be disabled in Outlook. (Cat II impact)
Discussion
This policy setting controls whether Outlook users can publish e-mail certificates to the Global Address List (GAL). If you enable this policy setting, the "Publish to GAL" button does not display in the "E-mail Security" section of the Trust Center. If you disable or do not configure this policy setting, Outlook users can publish their e-mail certificates to the GAL through the "E-mail Security" section of the Trust Center.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Security >> Cryptography >> Do not display 'Publish to GAL' button is set to "Enabled". Use the Windows Registry to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\outlook\security If the value for publishtogaldisabled is REG_DWORD = 1, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Security >> Cryptography >> Do not display 'Publish to GAL' button to "Enabled".
Additional Identifiers
Rule ID: SV-223355r961863_rule
Vulnerability ID: V-223355
Group Title: SRG-APP-000516
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |