ASD's Blueprint for Secure Cloud

Security & privacy

This section describes the configuration of security and privacy settings in Microsoft 365 associated with systems built according to the guidance provided by ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Customer lockbox

ItemValue
Require approval for all data access requestsEnabled

Help & support query collection

ItemValue
Allow Microsoft to collect support queriesDisabled

Idle session timeout

ItemValue
Turn on to set the period of inactivity for users to be signed off of Microsoft 365 web appsEnabled
When do you want users signed out1 hour

Password expiration policy

ItemValue
Set passwords to never expireEnabled

Privacy profile

ItemValue
Organization privacy statementURL to organisation privacy policy
Organisation privacy contactemail for organisation privacy contact

Privileged access

ItemValue
Allow privileged access requests and choose a default approval groupEnabled

Sharing

ItemValue
Let user add new quests to the organizationDisabled

Security & Governance

  • None identified

Design

  • None identified

Configuration

  • None identified

References

  • None identified

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra