From 130237c5aa54530f4bac671eb957d0a5e84d6711 Mon Sep 17 00:00:00 2001 From: Esco Date: Fri, 5 Jul 2024 16:04:24 +0200 Subject: [PATCH 1/5] Added SPAzureB2B standard --- src/data/standards.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/data/standards.json b/src/data/standards.json index df673c360d2f..506dcd63cdce 100644 --- a/src/data/standards.json +++ b/src/data/standards.json @@ -1816,6 +1816,20 @@ "powershellEquivalent": "Update-MgBetaAdminSharepointSetting", "recommendedBy": [] }, + { + "name": "standards.SPAzureB2B", + "cat": "SharePoint Standards", + "tag": ["lowimpact", "CIS"], + "helpText": "Ensure SharePoint and OneDrive integration with Azure AD B2B is enabled", + "addedComponent": [], + "label": "Enable SharePoint and OneDrive integration with Azure AD B2B", + "impact": "Low Impact", + "impactColour": "info", + "powershellEquivalent": "Set-SPOTenant -EnableAzureADB2BIntegration $true", + "recommendedBy": [ + "CIS 3.0" + ] + }, { "name": "standards.DisableAddShortcutsToOneDrive", "cat": "SharePoint Standards", From c12f31e81da059aa88abcac2ac6e88196093d573 Mon Sep 17 00:00:00 2001 From: Esco Date: Fri, 5 Jul 2024 16:04:51 +0200 Subject: [PATCH 2/5] Added SPDirectSharing standard --- src/data/standards.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/data/standards.json b/src/data/standards.json index 506dcd63cdce..c91e5c593515 100644 --- a/src/data/standards.json +++ b/src/data/standards.json @@ -1830,6 +1830,20 @@ "CIS 3.0" ] }, + { + "name": "standards.SPDirectSharing", + "cat": "SharePoint Standards", + "tag": ["mediumimpact", "CIS"], + "helpText": "Ensure default link sharing is set to Direct in SharePoint and OneDrive", + "addedComponent": [], + "label": "Default sharing to Direct users", + "impact": "Medium Impact", + "impactColour": "warning", + "powershellEquivalent": "Set-SPOTenant -DefaultSharingLinkType Direct", + "recommendedBy": [ + "CIS 3.0" + ] + }, { "name": "standards.DisableAddShortcutsToOneDrive", "cat": "SharePoint Standards", From c178380bb3c1c6b6858506dcd4c40d626d867977 Mon Sep 17 00:00:00 2001 From: Esco Date: Mon, 8 Jul 2024 13:38:46 +0200 Subject: [PATCH 3/5] Added SPExternalUserExpiration Standard --- src/data/standards.json | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/src/data/standards.json b/src/data/standards.json index c91e5c593515..adc9f61c5a5f 100644 --- a/src/data/standards.json +++ b/src/data/standards.json @@ -1844,6 +1844,26 @@ "CIS 3.0" ] }, + { + "name": "standards.SPExternalUserExpiration", + "cat": "SharePoint Standards", + "tag": ["mediumimpact", "CIS"], + "helpText": "Ensure guest access to a site or OneDrive will expire automatically", + "addedComponent": [ + { + "type": "number", + "name": "standards.SPExternalUserExpiration.Days", + "label": "Days until expiration (Default 60)" + } + ], + "label": "Set guest access to expire automatically", + "impact": "Medium Impact", + "impactColour": "warning", + "powershellEquivalent": "Set-SPOTenant -ExternalUserExpireInDays 30 -ExternalUserExpirationRequired $True", + "recommendedBy": [ + "CIS 3.0" + ] + }, { "name": "standards.DisableAddShortcutsToOneDrive", "cat": "SharePoint Standards", From e1e1a5a9655ebfa934ecb5679d6649f4080a5994 Mon Sep 17 00:00:00 2001 From: Esco Date: Mon, 8 Jul 2024 14:02:42 +0200 Subject: [PATCH 4/5] Added SPEmailAttestation standard --- src/data/standards.json | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/src/data/standards.json b/src/data/standards.json index adc9f61c5a5f..c1c338253bc1 100644 --- a/src/data/standards.json +++ b/src/data/standards.json @@ -1864,6 +1864,26 @@ "CIS 3.0" ] }, + { + "name": "standards.SPEmailAttestation", + "cat": "SharePoint Standards", + "tag": ["mediumimpact", "CIS"], + "helpText": "Ensure reauthentication with verification code is restricted", + "addedComponent": [ + { + "type": "number", + "name": "standards.SPEmailAttestation.Days", + "label": "Require reauth every X Days (Default 15)" + } + ], + "label": "Require reauthentication with verification code", + "impact": "Medium Impact", + "impactColour": "warning", + "powershellEquivalent": "Set-SPOTenant -EmailAttestationRequired $true -EmailAttestationReAuthDays 15", + "recommendedBy": [ + "CIS 3.0" + ] + }, { "name": "standards.DisableAddShortcutsToOneDrive", "cat": "SharePoint Standards", From 2ab99a075637d7690c99d343b841cc12a3ada307 Mon Sep 17 00:00:00 2001 From: Esco Date: Mon, 8 Jul 2024 14:15:37 +0200 Subject: [PATCH 5/5] Added SPDisallowInfectedFiles standard --- src/data/standards.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/data/standards.json b/src/data/standards.json index c1c338253bc1..ff0286d5f381 100644 --- a/src/data/standards.json +++ b/src/data/standards.json @@ -1830,6 +1830,20 @@ "CIS 3.0" ] }, + { + "name": "standards.SPDisallowInfectedFiles", + "cat": "SharePoint Standards", + "tag": ["lowimpact", "CIS"], + "helpText": "Ensure Office 365 SharePoint infected files are disallowed for download", + "addedComponent": [], + "label": "Disallow downloading infected files from SharePoint", + "impact": "Low Impact", + "impactColour": "info", + "powershellEquivalent": "Set-SPOTenant -DisallowInfectedFileDownload $true", + "recommendedBy": [ + "CIS 3.0" + ] + }, { "name": "standards.SPDirectSharing", "cat": "SharePoint Standards",