When the Cybersecurity & Infrastructure Security Agency (CISA) released the Secure Cloud Business applications (SCuBA) project, I was pretty excited but it left me wanting more. I wanted more enablement materials and a way to map this back to broader cybersecurity frameworks we are adopting vs just having a checklist to follow. For this reason, I’ve been spending time building a lengthy guide expanding off of the project to include security controls across Azure AD, Teams, Exchange, SharePoint, OneDrive, and Intune. Each security control includes the following enablement material:
- Control Summary
- Multi-tenant and Single-Tenant Power BI Templates
- Policy Definition
- Licensing Considerations
- Set up instructions.
- End-User Impact/Notification Templates
- Tips
- PowerShell Scripts
- Video Demonstrations
You can view a sample of the guide here:
CIS Controls Mapping
I mapped all of the security recommendations to the CIS Controls and include more end-user notification templates (48 total).
Power BI Template
