MS.SHAREPOINT.2.1v1 - File and folder default sharing scope SHALL be set to Specific people (only the people the user specifies).

Information

By making the default sharing the most restrictive, administrators prevent accidentally sharing information too broadly.

Solution

1. Sign in to the SharePoint admin center.

2. Select Policies \> Sharing

3. Under File and folder links, set the default link type to Specific people (only the people the user specifies)

4. Select Save

See Also

https://github.com/cisagov/ScubaGear/tree/v1.5.0/

Item Details

Category: ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-2, 800-53|AC-3, 800-53|AC-4, 800-53|AC-5, 800-53|AC-6, 800-53|AC-16, 800-53|AC-17, 800-53|AC-18, 800-53|AC-19, 800-53|AC-20, 800-53|AC-21, 800-53|AC-23, 800-53|CA-3, 800-53|CA-7, 800-53|CA-8, 800-53|CM-2, 800-53|CM-3, 800-53|CM-5, 800-53|CM-6, 800-53|CM-7, 800-53|CM-8, 800-53|CP-6, 800-53|CP-7, 800-53|CP-9, 800-53|CP-10, 800-53|IA-2, 800-53|IA-4, 800-53|IA-8, 800-53|RA-5, 800-53|SA-8, 800-53|SA-9, 800-53|SC-4, 800-53|SC-7, 800-53|SC-28, 800-53|SC-31, 800-53|SC-36, 800-53|SI-3, 800-53|SI-4, 800-53|SI-7, 800-53|SI-10, 800-53|SI-12, 800-53|SI-15, 800-53|SI-16

Plugin: microsoft_azure

Control ID: d46e921a8a1bf969166acfe509acbe2cf38237a5d06a2cfdb87c9086fa0a6d5d