MS.DEFENDER.4.2v1 - The custom policy SHOULD be applied to Exchange, OneDrive, SharePoint, Teams chat, and Devices.

Information

Unauthorized disclosures may happen through M365 services or endpoint devices. DLP policies should cover all affected locations to be effective.

Solution

See [MS.DEFENDER.4.1v2 Instructions](#msdefender41v2-instructions) step 8
for details on enforcing DLP policy in specific M365 service locations.

See Also

https://github.com/cisagov/ScubaGear/tree/v1.5.0/

Item Details

Category: ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-2, 800-53|AC-3, 800-53|AC-4, 800-53|AC-5, 800-53|AC-6, 800-53|AC-7, 800-53|AC-16, 800-53|AC-17, 800-53|AC-18, 800-53|AC-19, 800-53|AC-20, 800-53|AC-21, 800-53|AC-23, 800-53|CA-3, 800-53|CA-7, 800-53|CA-8, 800-53|CM-2, 800-53|CM-3, 800-53|CM-5, 800-53|CM-6, 800-53|CM-7, 800-53|CM-8, 800-53|IA-2, 800-53|IA-3, 800-53|IA-4, 800-53|IA-5, 800-53|IA-6, 800-53|IA-8, 800-53|RA-5, 800-53|SA-8, 800-53|SA-9, 800-53|SC-4, 800-53|SC-7, 800-53|SC-28, 800-53|SC-31, 800-53|SI-3, 800-53|SI-4, 800-53|SI-7, 800-53|SI-10, 800-53|SI-12, 800-53|SI-15

Plugin: microsoft_azure

Control ID: 4fc80f3b3d56cad71807abde7a8312a7e33d27e601bb6b9634b4e0399fe1076f