Detections
Analytics

CIS Microsoft 365 Foundations E3 L2 v1.5.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft 365 Foundations E3 L2 v1.5.0

Updated: 10/6/2023

Authority: CIS

Plugin: microsoft_azure

Revision: 1.4

Estimated Item Count: 21

Audit Items

DescriptionCategories
1.1.2 Ensure multifactor authentication is enabled for all users in all roles
1.1.12 Ensure that only organizationally managed/approved public groups exist
1.1.13 Ensure that collaboration invitations are sent to allowed domains only
1.1.14 Ensure that LinkedIn contact synchronization is disabled.
1.1.16 Ensure the option to remain signed in is hidden
2.1 Ensure third party integrated applications are not allowed
2.2 Ensure calendar details sharing with external users is disabled
2.6 Ensure user consent to apps accessing company data on their behalf is not allowed
2.7 Ensure the admin consent workflow is enabled
2.8 - Ensure users installing Outlook add-ins is not allowed
3.2 Ensure SharePoint Online Information Protection policies are set up and used
3.3 Ensure external domains are not allowed in Skype or Teams
3.6 Ensure that external users cannot share files, folders, and sites they do not own
3.7 Ensure external file sharing in Teams is enabled for only approved cloud storage services
4.11 Ensure MailTips are enabled for end users
5.4 Ensure the Application Usage report is reviewed at least weekly
6.1 Ensure document sharing is being controlled by domains with whitelist or blacklist
6.2 Block OneDrive for Business sync from unmanaged devices
6.4 Ensure external storage providers available in Outlook on the Web are restricted
7.5 Ensure mobile devices are set to wipe on multiple sign-in failures to prevent brute force compromise
7.12 Ensure mobile device management policies are required for email profiles