Open jkaufman-mitre opened 1 month ago
Branch made and the changes were made. Waiting until 0.2 baseline release before creating PR. Changes were made in the "gmail-changes-post-0.2" branch.
I recommend we say just "block" to maintain parity with the M365 baselines. See https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/exo.md#msexo82v1, which points to https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/defender.md#msdefender43v1, which states:
The action for the custom policy SHOULD be set to block sharing sensitive information with everyone.
Per the issue in the dev repo, we will remove the DLP policy from Gmail and put it in Common Controls.
A rule needs to be added to Gmail for the new Data Loss Prevention rules feature.
The rationale for the new rule should be: "Data Loss Prevention (DLP) rules help identify and limit the sharing of sensitive content, protecting agency information. By blocking and/or having warnings on these DLP-scanned files from being shared with users, the risk of unintentional introduction of sensitive content is significantly reduced."
Policy wording should be: "Agencies SHOULD configure DLP rules to block or warn on sharing files with sensitive data."