STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

Microsoft OneDrive Security Technical Implementation Guide

Version

V2R4

Release Date

Jun 9, 2025

SCAP Benchmark ID

Microsoft_OneDrive

Total Checks

12

Tags

other

CAT I: 1CAT II: 11CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON Download STIG ZIP

Checks (12)

V-215529MEDIUMDisabling of user name and password syntax from being used in URLs must be enforced.V-215531MEDIUMSaved from URL mark to assure Internet zone processing must be enforced.V-215532MEDIUMNavigation to URLs embedded in Office products must be blocked.V-215533MEDIUMScripted Window Security must be enforced.V-215534MEDIUMAdd-on Management functionality must be allowed.V-215535MEDIUMLinks that invoke instances of Internet Explorer from within an Office product must be blocked.V-215536MEDIUMFile Downloads must be configured for proper restrictions.V-215537MEDIUMProtection from zone elevation must be enforced.V-215538MEDIUMActiveX Installs must be configured for proper restriction.V-230562MEDIUMOneDrive must only allow synchronizing of accounts for DoD organization instances.V-230564MEDIUMThe use of personal accounts for OneDrive synchronization must be disabled.V-275978HIGHThe version of OneDrive running on the system must be a supported version.