1.91 (L2) Ensure 'Enable Drop feature in Microsoft Edge' is set to 'Disabled'

Information

This policy setting configures the drop feature in Microsoft Edge. The drop feature lets users send messages or files to themselves.

The recommended state for this setting is: Disabled

Enabling the Microsoft Edge Drop feature could allow sensitive data to be transmitted to a device that is not authorized or a third-party, which could lead to that data being exposed.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled :

Computer Configuration\Policies\Administrative Templates\Microsoft Edge\Enable Drop feature in Microsoft Edge

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft from

Download Edge for Business

.

Impact:

Users can't use the drop feature in Microsoft Edge to share files and messages between phones and desktop devices.

See Also

https://workbench.cisecurity.org/benchmarks/18501

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7, CSCv7|9.2

Plugin: Windows

Control ID: 49a57099711feb6e3625e9b339c86c866b3110f31a042d2f3e2b7441606b7fcc