cisagov / ScubaGoggles

SCuBA Security Configuration Baselines and assessment tool for Google Workspace
https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
Creative Commons Zero v1.0 Universal

Workspace Data Protection rules are now available for Gmail in Beta #286

Open jkaufman-mitre opened 1 month ago

jkaufman-mitre commented 1 month ago

A rule needs to be added to Gmail for the new Data Loss Prevention rules feature.

The rationale for the new rule should be: "Data Loss Prevention (DLP) rules help identify and limit the sharing of sensitive content, protecting agency information. By blocking and/or having warnings on these DLP-scanned files from being shared with users, the risk of unintentional introduction of sensitive content is significantly reduced."

Policy wording should be: "Agencies SHOULD configure DLP rules to block or warn on sharing files with sensitive data."

jkaufman-mitre commented 1 month ago

Branch made and the changes were made. Waiting until 0.2 baseline release before creating PR. Changes were made in the "gmail-changes-post-0.2" branch.

adhilto commented 1 month ago

I recommend we say just "block" to maintain parity with the M365 baselines. See https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/exo.md#msexo82v1, which points to https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/defender.md#msdefender43v1, which states:

"The action for the custom policy SHOULD be set to block sharing sensitive information with everyone."

jkaufman-mitre commented 1 month ago

Per the issue in the dev repo, we will remove the DLP policy from Gmail and put it in Common Controls.