DTOO239 - Outlook Security Mode must be configured to use Group Policy settings.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This policy setting controls which set of security settings are enforced in Outlook. If you enable this policy setting, you can choose from four options for enforcing Outlook security settings: * Outlook Default Security - This option is the default configuration in Outlook. Users can configure security themselves, and Outlook ignores any security-related settings configured in Group Policy. * Use Security Form from 'Outlook Security Settings' Public Folder - Outlook uses the settings from the security form published in the designated public folder. * Use Security Form from 'Outlook 10 Security Settings' Public Folder - Outlook uses the settings from the security form published in the designated public folder. * Use Outlook Security Group Policy - Outlook uses security settings from Group Policy. Important - You must enable this policy setting if you want to apply the other Outlook security policy settings mentioned in this guide. If you disable or do not configure this policy setting, Outlook users can configure security for themselves, and Outlook ignores any security-related settings that are configured in Group Policy. Note - In previous versions of Outlook, when security settings were published in a form in Exchange Server public folders, users who needed these settings required the HKEY_CURRENT_USER\Software\Policies\Microsoft\Security\CheckAdminSettings registry key to be set on their computers for the settings to apply. In Outlook, the CheckAdminSettings registry key is no longer used to determine users' security settings. Instead, the Outlook Security Mode setting can be used to determine whether Outlook security should be controlled directly by Group Policy, by the security form from the Outlook Security Settings Public Folder, or by the settings on users' own computers.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security -> Security Form Settings 'Outlook Security Mode' to 'Enabled (Use Outlook Security Group Policy)'.

See Also

http://iasecontent.disa.mil/stigs/zip/U_MS_Outlook_2016_V1R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-000366, Rule-ID|SV-85781r1_rule, STIG-ID|DTOO239, Vuln-ID|V-71157

Plugin: Windows

Control ID: 16d452e5a7bf835d98ddcfba6849c4b2ee5a20c5316c2565bc9356900818f859