The use of personal accounts for OneDrive synchronization must be disabled.
An XCCDF Rule
Description
OneDrive provides access to external services for data storage, which must be restricted to authorized instances. Enabling this setting will prevent the use of personal OneDrive accounts for synchronization.
- ID
- SV-230564r918123_rule
- Version
- DTOO607
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the policy value for User Configuration >> Administrative Templates >> OneDrive >> "Prevent users from syncing personal OneDrive accounts" to "Enabled".
Group policy files for OneDrive are located on a system with OneDrive in "%localappdata%\Microsoft\OneDrive\BuildNumber\adm\".
Copy the OneDrive.admx and .adml files to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.