The Cybersecurity and Infrastructure Security Agency (CISA) on Oct. 20 released new security configuration baseline recommendations for Microsoft 365 cloud services.
The agency said release of the baseline recommendations kicks off a series of pilot efforts to advance cloud security practices at Federal civilian executive branch agencies. The effort aims to improve “cloud business application environments through additional configurations, settings, and security products,” CISA said.
The agency is seeking comment on the recommendations through Nov. 24, at QSMO@CISA.dhs.gov.
These new baseline recommendations stem from CISA’s Secure Cloud Business Application (SCuBA) project which seeks to protect sensitive data and help Federal agencies improve security in their cloud environments. CISA announced the SCuBA effort in April.
The groundwork for development of the baseline recommendations was formulated by a group of cybersecurity experts from the Federal Chief Information Officers Council Cyber Innovation Tiger Team.
CISA said it will recommend cybersecurity architectures for Google Workspace in the near future.