TickYouOff

Edge STIG Implementation

Hard 19 items · 2 hours
testuser Published 2 months ago

This checklist helps IT teams implement the Microsoft Edge STIG (Ver 2, Rel 4) across managed environments. It’s for system administrators, security engineers, and compliance officers who need a practical, step-by-step implementation plan.

Source: https://ncp.nist.gov/checklist/986

  1. Download and read the Microsoft Edge STIG (Ver 2, Rel 4) — Review scope, roles, and controls for the Chromium-based Edge.
  2. Inventory Chromium-based Edge installations — List versions, platforms, and deployment methods (GPO, Intune, local).
  3. Map STIG controls to organizational policies and baselines — Identify required changes, exceptions, and owners for each control.
  4. Download SCAP 1.3 content for the Microsoft Edge STIG — Obtain SCAP 1.3 benchmark to automate assessments.
  5. Import SCAP content into your compliance or scanning tool — Use your scanner's import function to load the benchmark.
  6. Download the latest Group Policy Objects (GPO) package — Get the matching GPOs for the STIG version from DISA.
  7. Obtain Intune policy package for Edge (if using Intune) — Download the provided Intune policy files and guidance.
  8. Deploy Intune policies (if using Intune)
  9. Upload Intune policy files — Import the downloaded Intune package into your tenant.
  10. Assign Intune policies to device groups — Target policies to pilot groups first.
  11. Monitor Intune deployment status — Watch assignment and compliance reports for failures.
  12. Apply GPOs to Active Directory OUs — Link and enforce the downloaded GPO package in AD.
  13. Configure Edge browser security settings per STIG — Set update, extension, privacy, and telemetry settings.
  14. Disable unsupported or legacy features identified by STIG — Turn off deprecated protocols and risky features.
  15. Test configurations on pilot machines — Verify functionality and user impact before wide rollout.
  16. Run SCAP assessment and remediate findings — Scan for STIG compliance and fix discrepancies.
  17. Document implemented settings and approved exceptions — Record baselines, owners, and rationale for deviations.
  18. Send comments or change requests to DISA — Email feedback or proposed revisions to [email protected].
  19. Schedule quarterly STIG review and update process — Assign owners to check for new releases and patches.
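
Added example, not part of the original checklist or of any DISA tooling: one way to connect step 16 (SCAP assessment) with step 17 (approved exceptions) by triaging an XCCDF 1.2 results file against an exception register. It assumes the scanner exports XCCDF results; the rule ids, host name and exception entries below are constructed placeholders, not real STIG identifiers.

```python
import xml.etree.ElementTree as ET

XCCDF = "{http://checklists.nist.gov/xccdf/1.2}"  # XCCDF 1.2 namespace (used by SCAP 1.3)

# Constructed sample scanner output; rule ids are placeholders, not real STIG rule ids.
SAMPLE_RESULTS = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_example_benchmark_edge">
  <TestResult id="xccdf_example_testresult_pilot01">
    <target>PILOT-01</target>
    <rule-result idref="xccdf_example_rule_A" severity="medium"><result>pass</result></rule-result>
    <rule-result idref="xccdf_example_rule_B" severity="high"><result>fail</result></rule-result>
    <rule-result idref="xccdf_example_rule_C" severity="medium"><result>fail</result></rule-result>
    <rule-result idref="xccdf_example_rule_D" severity="low"><result>notchecked</result></rule-result>
  </TestResult>
</Benchmark>"""

# Constructed exception register (step 17): rule id -> (owner, rationale).
APPROVED_EXCEPTIONS = {"xccdf_example_rule_C": ("j.doe", "line-of-business app dependency")}

# Anything other than a clean pass / not-applicable needs a human decision.
NEEDS_ATTENTION = {"fail", "error", "unknown", "notchecked"}
SEVERITY_ORDER = {"high": 0, "medium": 1, "low": 2}


def triage(results_xml, exceptions):
    """Split non-passing rule results into (open_findings, excepted).

    Each entry is (target, rule_id, severity, result); both lists are sorted
    by severity (high first), then rule id.
    """
    root = ET.fromstring(results_xml)
    open_findings, excepted = [], []
    for tr in root.iter(XCCDF + "TestResult"):
        target = tr.findtext(XCCDF + "target", default="?")
        for rr in tr.findall(XCCDF + "rule-result"):
            result = (rr.findtext(XCCDF + "result") or "").strip()
            if result not in NEEDS_ATTENTION:
                continue
            entry = (target, rr.get("idref", "?"), rr.get("severity", "unknown"), result)
            # Only a documented exception moves a finding out of the open list.
            (excepted if entry[1] in exceptions else open_findings).append(entry)
    order = lambda e: (SEVERITY_ORDER.get(e[2], 3), e[1])
    return sorted(open_findings, key=order), sorted(excepted, key=order)


if __name__ == "__main__":
    still_open, waived = triage(SAMPLE_RESULTS, APPROVED_EXCEPTIONS)
    for host, rule, sev, res in still_open:
        print(f"OPEN     {host} {sev:<7} {res:<10} {rule}")
    for host, rule, sev, res in waived:
        print(f"EXCEPTED {host} {sev:<7} {res:<10} {rule} owner={APPROVED_EXCEPTIONS[rule][0]}")
```

Results of `notchecked`, `error` and `unknown` are kept in the open list on purpose, since a rule the scanner could not evaluate has not been shown to be compliant.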