The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-238042 | DTOO416 | SV-238042r1047204_rule | CCI-000366 | medium |
| Description | ||||
| This policy setting configures Office Telemetry Agent to disguise, or obfuscate, certain file properties that are reported in telemetry data. If this policy setting is enabled, Office Telemetry Agent obfuscates the file name, file path, and title of Office documents before uploading telemetry data to the shared folder. If this policy setting is disabled or not configured, Office Telemetry Agent uploads telemetry data that shows the full file name, file path, and title of all Office documents. | ||||
| STIG | Date | |||
| Microsoft Office System 2016 Security Technical Implementation Guide | 2024-12-06 | |||
Details
Check Text (C-238042r1047204_chk)
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Telemetry Dashboard >> "Turn on privacy setting in Office Telemetry Agent" is set to "Enabled".
Use the Windows Registry Editor to navigate to the following key:
HKCU\software\policies\Microsoft\office\16.0\osm
If the value "enablefileobfuscation" is "REG_DWORD = 1", this is not a finding.
Fix Text (F-41211r1047203_fix)
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 .> Telemetry Dashboard >> "Turn on privacy settings in Office Telemetry Agent" to "Enabled".