Ensure 'User owned apps and services' is restricted
Why This Matters
Attackers frequently exploit vulnerable or custom-built add-ins to gain unauthorized access to data within Microsoft Word, Excel, and PowerPoint. Allowing users to install add-ins independently increases your organization's attack surface, even though it provides convenience. Restricting this capability reduces the risk of data exposure through malicious or poorly monitored add-ins.
What Aether365 Checks
Aether365 verifies that the "User owned apps and services" setting is configured to prevent users from accessing the Office Store and starting trials. This check appears in your Aether365 dashboard under microsoft-365 checks and alerts you if the setting is not restricted.