New Common Controls policy for Early Access App Access controls #371
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jkaufman-mitre
requested review from
LaurenBassett,
buidav,
adhilto and
mdueltgen
adhilto
requested changes
Aug 29, 2024
Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]>
…/github.com/cisagov/ScubaGoggles into 370-early-access-app-access-common-controls
jkaufman-mitre
temporarily deployed
to
Development
GitHub Actions
Inactive
jkaufman-mitre
temporarily deployed
to
Development
GitHub Actions
Inactive
jkaufman-mitre
temporarily deployed
to
Development
GitHub Actions
Inactive
jkaufman-mitre
temporarily deployed
to
Development
GitHub Actions
Inactive
jkaufman-mitre
temporarily deployed
to
Development
GitHub Actions
Inactive
buidav
requested changes
Sep 5, 2024
drift-rules/GWS Drift Monitoring Rules - Common Controls as of 11-14-23.csv
Outdated
Show resolved
Hide resolved
Co-authored-by: David Bui <[email protected]>
adhilto
approved these changes
Sep 12, 2024
1 task
buidav
changed the title
buidav
requested changes
Sep 16, 2024
Co-authored-by: David Bui <[email protected]>
buidav
approved these changes
Sep 17, 2024
adhilto
added a commit
that referenced
this pull request
Oct 3, 2024
* Added Policy Group 18 * Added Drift Rule for Policy Group 18 * Fixed Table of Contents * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * Fixed Implementation * Added Policy Under Policy Group 16 * Fixed Policy Group 16 Intro * Changed Security to Secure in header * Fixed TOC * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> * Fixed drift rule files * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: mdueltgen <[email protected]>
adhilto
added a commit
that referenced
this pull request
Oct 3, 2024
* Updated Resource Link for DriveDocs 3.1 (#400) * Fixes Numbering Issue in GMAIL 5.3 Instructions (#399) * Fixed numbering issue in instruction for 5.3 * Update baselines/gmail.md End with a period for automation processing reasons. Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Updating Classroom 1.2 Instructions (#407) * New Common Controls policy for Early Access App Access controls (#371) * Added Policy Group 18 * Added Drift Rule for Policy Group 18 * Fixed Table of Contents * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * Fixed Implementation * Added Policy Under Policy Group 16 * Fixed Policy Group 16 Intro * Changed Security to Secure in header * Fixed TOC * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> * Fixed drift rule files * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: mdueltgen <[email protected]> * Updated Location of Setting in DriveDocs 6.1 Instructions (#404) * Updated location of setting in instructions and fixed bolding * Update baselines/drive.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 11.2 Implementation Instructions #375 (#411) * updated location of setting in implementation instructions * adding in periods * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> * Update baselines/commoncontrols.md removed extra period Co-authored-by: David Bui <[email protected]> * Remove double period in overview --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 12.1 Implementation Steps (#414) * Updated location for takeout admin control based on update to data tab in admin console * Update baselines/commoncontrols.md Fixes capitalization of import/export per admin console Co-authored-by: Alden Hilton <[email protected]> * removing unnecessary save step --------- Co-authored-by: Alden Hilton <[email protected]> * Update location of rules setting in admin console in implementation steps. (#418) * Updating Common Controls 15.1 Implementation Steps (#420) * udpated location of setting for data regions in instructions * Update baselines/commoncontrols.md removed S in compliances Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Fixed backslashes/forwardslashes bug in Common Controls Baseline (#426) * Changed Early Access to Early Access Apps (#428) * Add Data at Rest processing policy to Common Controls baseline (#434) * Added Policy 15.2 and renamed previous 15.2 to 15.3 * adding drift rule for 15.2 * Added TTP Mappings * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Update drift-rules/GWS Drift Monitoring Rules - Common Controls as of 11-14-23.csv Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: mdueltgen <[email protected]> Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * updating implementation steps for 13.1 to clarify editting rules * fixed numbering and removed old language about having to click show more which doesn't exist anymore in the admin consle. * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Update baselines/commoncontrols.md Co-authored-by: Alden Hilton <[email protected]> --------- Co-authored-by: David Bui <[email protected]> Co-authored-by: jkaufman-mitre <[email protected]> Co-authored-by: Alden Hilton <[email protected]>
adhilto
added a commit
that referenced
this pull request
Oct 15, 2024
* Added Policy Group 18 * Added Drift Rule for Policy Group 18 * Fixed Table of Contents * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * Fixed Implementation * Added Policy Under Policy Group 16 * Fixed Policy Group 16 Intro * Changed Security to Secure in header * Fixed TOC * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> * Fixed drift rule files * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: mdueltgen <[email protected]>
adhilto
added a commit
that referenced
this pull request
Oct 15, 2024
* Updated Resource Link for DriveDocs 3.1 (#400) * Fixes Numbering Issue in GMAIL 5.3 Instructions (#399) * Fixed numbering issue in instruction for 5.3 * Update baselines/gmail.md End with a period for automation processing reasons. Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Updating Classroom 1.2 Instructions (#407) * New Common Controls policy for Early Access App Access controls (#371) * Added Policy Group 18 * Added Drift Rule for Policy Group 18 * Fixed Table of Contents * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * Fixed Implementation * Added Policy Under Policy Group 16 * Fixed Policy Group 16 Intro * Changed Security to Secure in header * Fixed TOC * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> * Fixed drift rule files * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: mdueltgen <[email protected]> * Updated Location of Setting in DriveDocs 6.1 Instructions (#404) * Updated location of setting in instructions and fixed bolding * Update baselines/drive.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 11.2 Implementation Instructions #375 (#411) * updated location of setting in implementation instructions * adding in periods * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> * Update baselines/commoncontrols.md removed extra period Co-authored-by: David Bui <[email protected]> * Remove double period in overview --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 12.1 Implementation Steps (#414) * Updated location for takeout admin control based on update to data tab in admin console * Update baselines/commoncontrols.md Fixes capitalization of import/export per admin console Co-authored-by: Alden Hilton <[email protected]> * removing unnecessary save step --------- Co-authored-by: Alden Hilton <[email protected]> * Update location of rules setting in admin console in implementation steps. (#418) * Updating Common Controls 15.1 Implementation Steps (#420) * udpated location of setting for data regions in instructions * Update baselines/commoncontrols.md removed S in compliances Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Fixed backslashes/forwardslashes bug in Common Controls Baseline (#426) * Changed Early Access to Early Access Apps (#428) * Add Data at Rest processing policy to Common Controls baseline (#434) * Added Policy 15.2 and renamed previous 15.2 to 15.3 * adding drift rule for 15.2 * Added TTP Mappings * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Update drift-rules/GWS Drift Monitoring Rules - Common Controls as of 11-14-23.csv Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: mdueltgen <[email protected]> Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * updating implementation steps for 13.1 to clarify editting rules * fixed numbering and removed old language about having to click show more which doesn't exist anymore in the admin consle. * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Update baselines/commoncontrols.md Co-authored-by: Alden Hilton <[email protected]> --------- Co-authored-by: David Bui <[email protected]> Co-authored-by: jkaufman-mitre <[email protected]> Co-authored-by: Alden Hilton <[email protected]>
buidav
added a commit
that referenced
this pull request
Oct 29, 2024
* Updated Resource Link for DriveDocs 3.1 (#400) * Fixes Numbering Issue in GMAIL 5.3 Instructions (#399) * Fixed numbering issue in instruction for 5.3 * Update baselines/gmail.md End with a period for automation processing reasons. Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * New Common Controls policy for Early Access App Access controls (#371) * Added Policy Group 18 * Added Drift Rule for Policy Group 18 * Fixed Table of Contents * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * Fixed Implementation * Added Policy Under Policy Group 16 * Fixed Policy Group 16 Intro * Changed Security to Secure in header * Fixed TOC * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> * Fixed drift rule files * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: mdueltgen <[email protected]> * Updated Location of Setting in DriveDocs 6.1 Instructions (#404) * Updated location of setting in instructions and fixed bolding * Update baselines/drive.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 11.2 Implementation Instructions #375 (#411) * updated location of setting in implementation instructions * adding in periods * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> * Update baselines/commoncontrols.md removed extra period Co-authored-by: David Bui <[email protected]> * Remove double period in overview --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 12.1 Implementation Steps (#414) * Updated location for takeout admin control based on update to data tab in admin console * Update baselines/commoncontrols.md Fixes capitalization of import/export per admin console Co-authored-by: Alden Hilton <[email protected]> * removing unnecessary save step --------- Co-authored-by: Alden Hilton <[email protected]> * Update location of rules setting in admin console in implementation steps. (#418) * Updating Common Controls 15.1 Implementation Steps (#420) * udpated location of setting for data regions in instructions * Update baselines/commoncontrols.md removed S in compliances Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Fixed backslashes/forwardslashes bug in Common Controls Baseline (#426) * Changed Early Access to Early Access Apps (#428) * Add Data at Rest processing policy to Common Controls baseline (#434) * Added Policy 15.2 and renamed previous 15.2 to 15.3 * adding drift rule for 15.2 * Added TTP Mappings * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Update drift-rules/GWS Drift Monitoring Rules - Common Controls as of 11-14-23.csv Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: mdueltgen <[email protected]> Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * Clarifying Implementation Steps of CommonControls13.1 (#445) * Updated Resource Link for DriveDocs 3.1 (#400) * Fixes Numbering Issue in GMAIL 5.3 Instructions (#399) * Fixed numbering issue in instruction for 5.3 * Update baselines/gmail.md End with a period for automation processing reasons. Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Updating Classroom 1.2 Instructions (#407) * New Common Controls policy for Early Access App Access controls (#371) * Added Policy Group 18 * Added Drift Rule for Policy Group 18 * Fixed Table of Contents * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * Fixed Implementation * Added Policy Under Policy Group 16 * Fixed Policy Group 16 Intro * Changed Security to Secure in header * Fixed TOC * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> * Fixed drift rule files * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: mdueltgen <[email protected]> * Updated Location of Setting in DriveDocs 6.1 Instructions (#404) * Updated location of setting in instructions and fixed bolding * Update baselines/drive.md Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 11.2 Implementation Instructions #375 (#411) * updated location of setting in implementation instructions * adding in periods * Update baselines/commoncontrols.md Co-authored-by: David Bui <[email protected]> * Update baselines/commoncontrols.md removed extra period Co-authored-by: David Bui <[email protected]> * Remove double period in overview --------- Co-authored-by: David Bui <[email protected]> * Updating Common Controls 12.1 Implementation Steps (#414) * Updated location for takeout admin control based on update to data tab in admin console * Update baselines/commoncontrols.md Fixes capitalization of import/export per admin console Co-authored-by: Alden Hilton <[email protected]> * removing unnecessary save step --------- Co-authored-by: Alden Hilton <[email protected]> * Update location of rules setting in admin console in implementation steps. (#418) * Updating Common Controls 15.1 Implementation Steps (#420) * udpated location of setting for data regions in instructions * Update baselines/commoncontrols.md removed S in compliances Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> * Fixed backslashes/forwardslashes bug in Common Controls Baseline (#426) * Changed Early Access to Early Access Apps (#428) * Add Data at Rest processing policy to Common Controls baseline (#434) * Added Policy 15.2 and renamed previous 15.2 to 15.3 * adding drift rule for 15.2 * Added TTP Mappings * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Update drift-rules/GWS Drift Monitoring Rules - Common Controls as of 11-14-23.csv Co-authored-by: Alden Hilton <[email protected]> * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: mdueltgen <[email protected]> Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: David Bui <[email protected]> * updating implementation steps for 13.1 to clarify editting rules * fixed numbering and removed old language about having to click show more which doesn't exist anymore in the admin consle. * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * Update baselines/commoncontrols.md Co-authored-by: Alden Hilton <[email protected]> --------- Co-authored-by: David Bui <[email protected]> Co-authored-by: jkaufman-mitre <[email protected]> Co-authored-by: Alden Hilton <[email protected]> * first draft of new DLP changes * TOC update, group description, clarifying implementation steps * removing extra spacing * first draft of new DLP changes * TOC update, group description, clarifying implementation steps * removing extra spacing * updating drift rules * updating implemetnation steps for actions, adding should block external sharing policy * draft for condition rules for Credit card/ITIN/SSN * updated TOC for chat/drive * adding in drift rules * Apply suggestions from code review Co-authored-by: Alden Hilton <[email protected]> * code changes based on comments * code changes udpating implementation steps across policy group 18 * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> Co-authored-by: Alden Hilton <[email protected]> * replacing add instead of actions * Apply suggestions from code review Parity w/ m365 and scubagear 3rd party DLP options license info Co-authored-by: David Bui <[email protected]> * updating TOC * Apply suggestions from code review Co-authored-by: David Bui <[email protected]> --------- Co-authored-by: David Bui <[email protected]> Co-authored-by: jkaufman-mitre <[email protected]> Co-authored-by: Alden Hilton <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🗣 Description
Added Policy Group 18 to Common Controls Baseline for Early Access Apps
Code changes tracked in #402.
💭 Motivation and context
Closes #370
🧪 Testing
N/A, this PR does not add any new code
✅ Pre-approval checklist
✅ Pre-merge Checklist
Squash and mergebutton.✅ Post-merge Checklist