Details

Outlook users can create and use signatures in email messages. Users can add signatures to messages manually, and can also configure Outlook to automatically append signatures to new messages, to replies and forwards, or to all three. Signatures typically include details such as the user’s name, title, phone numbers, and office location. When an organization has policies that govern the distribution of this kind of information, using signatures might cause some users to inadvertently violate these policies.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Outlook Options -> Mail format ‘Do not allow signatures for e-mail messages’ to ‘Disabled’.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_MS_Outlook_2013_V1R13_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

• 800-53|SC-13
• CAT|II
• CCI|CCI-002450
• Rule-ID|SV-53886r1_rule
• STIG-ID|DTOO227
• Vuln-ID|V-17673

Source

• Tenable.com/audits