View on GitHub

cloud-guardrails-O365

Recommended configuration guidance for Microsoft O365 / Conseils de configuration recommandés pour Microsoft O365

Implement Data Protection

Objective

Safeguard information and assets hosted in cloud, from unauthorized access, use, disclosure, modification, disposal, transmission, or destruction throughout their life cycle.

Key Considerations

Additional Considerations

Validation

References

  1. Directive on Security Management - Appendix B: Mandatory Procedures for Information Technology Security Control, subsections B.2.3.4
  2. SPIN 2017-01, subsection 6.2.4
  3. Refer to the cryptography guidance in 40.111 and 40.062.
  4. Refer to the guidance in Considerations for Cryptography in Commercial Cloud Services.
  5. Refer to Section 4.4.1.10 of the Directive on Service and Digital
  6. Related security controls: SC‑8, SC‑8(1), SC‑12, SC‑13, SC‑17, SC‑28, SC‑28(1)