MS.EXO.8.3v1 - The selected DLP solution SHOULD offer services comparable to the native DLP solution offered by Microsoft.

Information

Any alternative DLP solution should be able to detect sensitive information in Exchange Online and block access to unauthorized entities.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Any product meeting the requirements outlined in this baseline policy may be used. If the agency uses Microsoft Defender, see the following implementation steps for [DLP](https://github.com/cisagov/ScubaGear/tree/v1.5.0/PowerShell/ScubaGear/baselines/defender.md#implementation-3) for additional guidance.

See Also

https://github.com/cisagov/ScubaGear/tree/v1.5.0/

Item Details

Category: ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-2, 800-53|AC-3, 800-53|AC-4, 800-53|AC-5, 800-53|AC-6, 800-53|AC-7, 800-53|AC-16, 800-53|AC-17, 800-53|AC-18, 800-53|AC-19, 800-53|AC-20, 800-53|AC-23, 800-53|CA-3, 800-53|CA-7, 800-53|CA-8, 800-53|CM-2, 800-53|CM-5, 800-53|CM-6, 800-53|CM-7, 800-53|CM-8, 800-53|IA-2, 800-53|IA-3, 800-53|IA-4, 800-53|IA-5, 800-53|IA-6, 800-53|IA-8, 800-53|RA-5, 800-53|SA-8, 800-53|SA-9, 800-53|SC-4, 800-53|SC-7, 800-53|SC-28, 800-53|SC-31, 800-53|SI-3, 800-53|SI-4, 800-53|SI-7, 800-53|SI-10, 800-53|SI-12, 800-53|SI-15

Plugin: microsoft_azure

Control ID: 6c1dfbd8a1a4ed239a88a63d79bae1ec41b9e726ee59a398b6563517626c82c2