CISA Requests for Comment on Microsoft 365 Security Configuration Baselines
Original release date: October 20, 2022CISA has issued requests for comment (RFCs) on eight Microsoft 365 security configuration baselines as part of the Secure Cloud Business Application (SCuBA) project to secure federal civilian executive branch agencies’ (FCEB) cloud environments. The baselines:
• Build on and integrate previous security configuration baselines developed by the Federal Chief Information Officers Council’s Cyber Innovation Tiger Team (CITT).
• Initiate a series of pilot efforts to advance cloud security practices across the FCEB.
• Aim to enhance the security of FCEB cloud business application environments through additional configurations, settings, and security products.
Visit CISA.gov/SCuBA and CISA’s SCuBA GitHub page for more information and to review the baselines. The RFC period is open until Nov. 24, 2022. CISA is specifically requesting insight on the feasibility, clarity, and usefulness of the baselines. Comments should be submitted to: QSMO@CISA.dhs.gov.
This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft expone la información de contacto y los correos electrónicos de los clientes
Microsoft dijo que parte de la información confidencial de sus clientes fue expuesta por un servidor de Microsoft mal configurado accesible a través de Internet. La empresa aseguró el servidor después de que los investigadores de seguridad de la empresa de inteligencia de amenazas SOCRadar le notificaran la filtración el 24 de septiembre de 2022. […]