STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Microsoft Office System 2016 Security Technical Implementation Guide

V-238042

CAT II (Medium)

The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.

Rule ID

SV-238042r1047204_rule

STIG

Microsoft Office System 2016 Security Technical Implementation Guide

Version

V2R5

CCIs

CCI-000366

Discussion

This policy setting configures Office Telemetry Agent to disguise, or obfuscate, certain file properties that are reported in telemetry data. If this policy setting is enabled, Office Telemetry Agent obfuscates the file name, file path, and title of Office documents before uploading telemetry data to the shared folder. If this policy setting is disabled or not configured, Office Telemetry Agent uploads telemetry data that shows the full file name, file path, and title of all Office documents.

Check Content

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Telemetry Dashboard >> "Turn on privacy setting in Office Telemetry Agent" is set to "Enabled".

Use the Windows Registry Editor to navigate to the following key: 

HKCU\software\policies\Microsoft\office\16.0\osm

If the value "enablefileobfuscation" is "REG_DWORD = 1", this is not a finding.

Fix Text

Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 .> Telemetry Dashboard >> "Turn on privacy settings in Office Telemetry Agent" to "Enabled".