“CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool”
CISA, December 21, 2023
Alert
By Cybersecurity & Infrastructure Security Agency (CISA)
“CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 (M365) cloud services.”
CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 (M365) cloud services. This guidance release is accompanied by the updated SCuBAGear tool that assesses organizations’ M365 cloud services per CISA’s recommended baselines.
Today’s release incorporates stakeholder input from last year’s public comment period and pilot effort with federal agencies. Changes to the draft Microsoft 365 Secure Configuration Baselines were integrated with the SCuBAGear tool, which is also now more automated to reduce organization effort.
CISA thanks all whose input took this guidance from a series of best practices to actionable policies and made the SCuBAGear tool easier to use.
Organizations are urged to review these baselines and utilize the SCuBAGear tool. For more information, read CISA’s blog and contact CISA’s Cybersecurity Shared Services Office for additional support.
About the Author:
CISA is the operational lead for federal cybersecurity and the national coordinator for critical infrastructure security and resilience. CISA is designed for collaboration and partnership. Learn about their layered mission to reduce risk to the nation’s cyber and physical infrastructure.
