The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-238042 | DTOO416 | SV-238042r1047204_rule | CCI-000366 | medium |
| Description | ||||
| This policy setting configures Office Telemetry Agent to disguise, or obfuscate, certain file properties that are reported in telemetry data. If this policy setting is enabled, Office Telemetry Agent obfuscates the file name, file path, and title of Office documents before uploading telemetry data to the shared folder. If this policy setting is disabled or not configured, Office Telemetry Agent uploads telemetry data that shows the full file name, file path, and title of all Office documents. | ||||
| STIG | Date | |||
| Microsoft Office System 2016 Security Technical Implementation Guide | 2024-12-06 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-238042r1047204_chk)
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Telemetry Dashboard >> "Turn on privacy setting in Office Telemetry Agent" is set to "Enabled".
Use the Windows Registry Editor to navigate to the following key:
HKCU\software\policies\Microsoft\office\16.0\osm
If the value "enablefileobfuscation" is "REG_DWORD = 1", this is not a finding.
Fix Text (F-41211r1047203_fix)
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 .> Telemetry Dashboard >> "Turn on privacy settings in Office Telemetry Agent" to "Enabled".