This section describes the configuration of SharePoint associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.
Estimated reading time: 1 minute
The below tables outline the as built configuration for ASD’s Blueprint for Secure Cloud for the
These settings should be used to provide reference of a baseline implementation for a system configured using the blueprint. Any implementation implied by the below should not be considered as prescriptive as to how an organisation must scope, build, document, or assess a system.
Implementation of the Blueprint will differ depending on an organisation’s operating context and organisational culture. Organisations should implement the Blueprint in alignment with their existing change management, business processes and frameworks.
Placeholders such as
<TENANT-NAME> should be replaced with the relevant details as required.
|Allow limited, web-only access
Idle session sign-out
|Sign out inactive users automatically
|Sign out users after:
|Give users this much notice before signing them out:
|Allow access only from specific IP address ranges
Apps that don’t use modern authentication
OneDrive access restriction
|Restrict OneDrive access to only users in specified security groups