Email client security settings cannot be changed by users.
Topic
Hardening user application configurations
Applicable to
all
History
Mar 2023
Email client security settings cannot be changed by users.
An existing control relating to preventing users from changing security settings for office productivity suites, email clients and security products was split into three separate controls to facilitate independent implementation and assessment. [ISM-1748, ISM-1823, ISM-1825]
Mar 2022
Office productivity suite, email client and security product security settings cannot be changed by users.
The recommendation to harden the use of web browsers, Microsoft Office and PDF software has been expanded to cover other office productivity suites, email clients and security products. This aligns with the emphasis placed on protecting these types of products by the Essential Eight Maturity Model. Furthermore, additional rationale has been included to note that when Australian Cyber Security Centre (ACSC) and vendor hardening guidance conflicts, preference should be given to implementing ACSC hardening guidance.