1.3.8 Ensure that Sways cannot be shared with people outside of your organization

Information

Sway is a new app from Microsoft Office that allows users to create and share interactive reports, personal stories, presentations, and more.

This setting controls user Sway sharing capability, both within and outside of the organization. By default, Sway is enabled for everyone in the organization.

Rationale:

Disable external sharing of Sway documents that can contain sensitive information to prevent accidental or arbitrary data leaks.

Impact:

Interactive reports, presentations, newsletters, and other items created in Sway will not be shared outside the organization by users.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

To ensure Sways cannot be viewed outside of your organization:

Navigate to Microsoft 365 admin center https://admin.microsoft.com.

Click to expand Settings then select Org settings.

Under Services select Sway

Uncheck: Let people in your organization share their sways with people outside your organization.

Click Save.

Default Value:

Let people in your organization share their sways with people outside your organization - Enabled

See Also

https://workbench.cisecurity.org/benchmarks/15279

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7, CSCv7|13.1

Plugin: microsoft_azure

Control ID: b30ed4bc432a89317f60333ff7d44d70145c209a35e1ea79a28577ba30824ca5