SIEM

• Enable Email Encryption
• Enable Client Rules Forwarding Blocks
• Set Outbound Spam Notifications
• Do not allow mailbox delegation
• Set up Connection Filtering
• Spam Filtering
• Malware Protection
• Anti-Phishing Policy
• Configure Enhanced Filtering
• Configure ATP Safe Links and Safe Attachments Policy
• Add SPF, DKIM, and DMARC
• Do not Allow Calendar Details Sharing
• Audits
• Additional Resources

Enable Email Encryption

# Enable Client Rules Forwarding Blocks

Compliance Controls

• GDPR; Control 6.8.2
• ISO 27018:2014; Control A.10.2

# Set Outbound Spam Notifications

Compliance Controls

• HIPAA; Control 45 C.F.R. § 164.308(a)(5)(ii)(B)
• NIST 800-171; Control 3.14.2
• NIST 800-53; Control SI-3(a)

Do not allow mailbox delegation

Compliance Controls

• FedRAMP Moderate; Control AC-2, Control AC-2(3)
• GDPR; Control 6.6.1
• ISO 27018:2014; Control C.9.2
• NIST 800-53; Control AC-2
• NIST CSF; Control DE.CM-1

Set up Connection Filtering

Spam Filtering

Malware Protection

Anti-Phishing Policy

Configure Enhanced Filtering

Configure ATP Safe Links and Safe Attachments Policy

Add SPF, DKIM, and DMARC

Do not Allow Calendar Details Sharing

Compliance Controls

• FedRAMP Moderate; Control AC-2(9)
• NIST 800-53; Control AC-2(9)

Audits

• Regular audits of mailbox settings, account permissions, and mail forwarding rules for evidence of unauthorized changes.

Additional Resources

• https://usc.pax8.com/resource/display/33588
• https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults

This site is open source. Improve this page.