STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Microsoft Office 365 ProPlus Security Technical Implementation Guide

V-278355

CAT II (Medium)

Sending of diagnostic data to Microsoft must be disabled.

Rule ID

SV-278355r1152352_rule

STIG

Microsoft Office 365 ProPlus Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-000381

Discussion

Diagnostic data is used to keep Office secure and up to date; detect, diagnose and remediate problems; and make product improvements.

Check Content

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Privacy >> Trust Center >> "Configure the level of client software diagnostic data sent by Office to Microsoft" is set to "Enabled", and "Neither" from the Options is selected.

Use the Windows Registry Editor to navigate to the following key:
HKCU\software\policies\Microsoft\office\common\clienttelemetry

If the value "SendTelemetry" is "REG_DWORD = 3", this is not a finding. 

If the registry key does not exist or is not configured properly, this is a finding.

Fix Text

Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Privacy >> Trust Center >> "Configure the level of client software diagnostic data sent by Office to Microsoft" to "Enabled" and select "Neither" from the Options.