cisagov · adhilto · Jan 17, 2024 · Jan 4, 2024 · Jan 5, 2024 · Jan 5, 2024
diff --git a/Testing/RegoTests/calendar/calendar01_test.rego b/Testing/RegoTests/calendar/calendar01_test.rego
@@ -2,7 +2,7 @@ package calendar
 import future.keywords
 
 #
-# Policy 1
+# GWS.CALENDAR.1.1v0.1
 #--
 test_ExtSharingPrimaryCal_Correct_V1 if {
     # Test external sharing for primary calendars when there's only one event
@@ -391,26 +391,4 @@ test_ExtSharingPrimaryCal_Incorrect_V5 if {
     not RuleOutput[0].NoSuchEvent
     RuleOutput[0].ReportDetails == "Requirement failed in Secondary OU."
 }
-
-#
-# GWS.CALENDAR.1.2v0.1
-#--
-
-test_External_Sharing_Options_V1 if {
-    # Not-Implemented
-    PolicyId := "GWS.CALENDAR.1.2v0.1"
-    Output := tests with input as {
-        "calendar_logs": {"items": [
-        ]},
-        "tenant_info": {
-            "topLevelOU": "Test Top-Level OU"
-        }
-    }
-
-    RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
-    count(RuleOutput) == 1
-    not RuleOutput[0].RequirementMet
-    RuleOutput[0].NoSuchEvent
-    RuleOutput[0].ReportDetails == "Currently not able to be tested automatically; please manually check."
-}
 #--
diff --git a/Testing/RegoTests/calendar/calendar03_test.rego b/Testing/RegoTests/calendar/calendar03_test.rego
@@ -2,7 +2,7 @@ package calendar
 import future.keywords
 
 #
-# Policy 1
+# GWS.CALENDAR.3.1v0.1
 #--
 test_ExtSharingSecondaryCal_Correct_V1 if {
  # Test external sharing for secondary calendars when there's only one event
@@ -186,26 +186,4 @@ test_ExtSharingSecondaryCal_Incorrect_V3 if {
         " is shared outside Test Top-Level Domain but outsiders cannot change calendars."
     ])
 }
-
-#
-# GWS.CALENDAR.3.2v0.1
-#--
-
-test_ExternalSharingOptions_Secondary__Correct_V1 if {
-    # Not-Implemented
-    PolicyId := "GWS.CALENDAR.3.2v0.1"
-    Output := tests with input as {
-        "calendar_logs": {"items": [
-        ]},
-        "tenant_info": {
-            "topLevelOU": "Test Top-Level OU"
-        }
-    }
-
-    RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
-    count(RuleOutput) == 1
-    not RuleOutput[0].RequirementMet
-    RuleOutput[0].NoSuchEvent
-    RuleOutput[0].ReportDetails == "Currently not able to be tested automatically; please manually check."
-}
 #--
diff --git a/baselines/Google Calendar Minimum Viable Secure Configuration Baseline v0.1.md b/baselines/Google Calendar Minimum Viable Secure Configuration Baseline v0.1.md
@@ -30,7 +30,7 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S
 
 # Baseline Policies
 
-## 1. External Sharing Options for Primary Calendars
+## 1. External Sharing Options
 
 This section determines what information is shared from primary calendars with external entities.
 
@@ -47,11 +47,11 @@ External Sharing Options for Primary Calendars SHALL be configured to "Only free
   - [T1530: Data from Cloud Storage](https://attack.mitre.org/techniques/T1530/)
 
 #### GWS.CALENDAR.1.2v0.1
-External sharing options for primary calendars between multiple components within an organization MAY be configured.
+External sharing options for secondary calendars SHALL be configured to "Only free/busy information (hide event details)" to restrict information sharing and prevent data leakage.
 
 - Rationale
-  - Prevent data leakage by restricting the information viewable by internal users when a user shares their calendar by configuring additional settings on shared information between components.
-- Last Modified: November 14, 2023
+  - Prevent data leakage by restricting the amount of information that is externally viewable when a user shares their calendar with someone external to your organization.
+- Last Modified: July 10, 2023
 
 - MITRE ATT&CK TTP Mapping
   - [T1530: Data from Cloud Storage](https://attack.mitre.org/techniques/T1530/)
@@ -77,7 +77,14 @@ To configure the settings for External Sharing in Primary Calendar:
 5.  Select **Save**.
 
 #### GWS.CALENDAR.1.2v0.1 Instructions
-1.  There is no implementation for this policy
+
+To configure the settings for External Sharing in secondary calendars:
+
+1.  Sign in to the [Google Admin Console](https://admin.google.com).
+2.  Select **Apps -\> Google Workspace -\> Calendar**.
+3.  Select **General settings -\> External sharing options for secondary calendars**.
+4.  Select **Only free/busy information (hide event details)**.
+5.  Select **Save**.
 
 ## 2. External Invitations Warnings
 
@@ -120,67 +127,15 @@ To configure the settings for Confidential Mode:
 4.  Check the **Warn users when inviting guests outside of the domain** checkbox.
 5.  Select **Save**.
 
-## 3. External Sharing Options for Secondary Calendars
-
-This section determines what information is shared from secondary calendars with external entities.
-
-### Policies
-
-#### GWS.CALENDAR.3.1v0.1
-External sharing options for secondary calendars SHALL be configured to "Only free/busy information (hide event details)" to restrict information sharing and prevent data leakage.
-
-- Rationale
-  - Prevent data leakage by restricting the amount of information that is externally viewable when a user shares their calendar with someone external to your organization.
-- Last Modified: July 10, 2023
-
-- MITRE ATT&CK TTP Mapping
-  - [T1530: Data from Cloud Storage](https://attack.mitre.org/techniques/T1530/)
-
-#### GWS.CALENDAR.3.2v0.1
-
-External sharing options for secondary calendars between multiple components within an organization MAY be configured.
-
-- Rationale
-  - Prevent data leakage by restricting the information viewable by internal users when a user shares their calendar by configuring additional settings on shared information between components.
-- Last Modified: July 10, 2023
-
-- MITRE ATT&CK TTP Mapping
-  - [T1530: Data from Cloud Storage](https://attack.mitre.org/techniques/T1530/)
-
-### Resources
-
--   [Google Workspace Admin Help: Set Calendar sharing options](https://support.google.com/a/answer/60765?hl=en#zippy=%2Cset-a-default-for-internal-sharing%2Callow-or-restrict-external-sharing)
--   [CIS Google Workspace Foundations Benchmark](https://www.cisecurity.org/benchmark/google_workspace)
-
-### Prerequisites
-
--   N/A
-
-### Implementation
-
-#### GWS.CALENDAR.3.1v0.1 Instructions
-
-To configure the settings for External Sharing in secondary calendars:
-
-1.  Sign in to the [Google Admin Console](https://admin.google.com).
-2.  Select **Apps -\> Google Workspace -\> Calendar**.
-3.  Select **General settings -\> External sharing options for secondary calendars**.
-4.  Select **Only free/busy information (hide event details)**.
-5.  Select **Save**.
-
-#### GWS.CALENDAR.3.2v0.1 Instructions
-
-1.  There is no implementation for this policy
-
-## 4. Calendar Interop Management
+## 3. Calendar Interop Management
 
 This section determines whether Microsoft Exchange and Google Calendar can be configured to work together to allow users in both systems to share their availability status so they can view each other's schedules. The availability and event information that will be shared between Exchange and Calendar include availability for users, group or team calendars, and calendar resources (such as meeting rooms). Calendar Interop respects event-level privacy settings from either Exchange or Calendar.
 
 Due to the added complexity and attack surface associated with configuring Calendar Interop, it should be disabled in environments for which this capability is not necessary for agency mission fulfillment.
 
 ### Policies
 
-#### GWS.CALENDAR.4.1v0.1
+#### GWS.CALENDAR.3.1v0.1
 Calendar Interop SHOULD be disabled unless agency mission fulfillment requires collaboration between users internal and external to an organization who use both Microsoft Exchange and Google Calendar.
 
 - Rationale
@@ -191,7 +146,7 @@ Calendar Interop SHOULD be disabled unless agency mission fulfillment requires c
   - [T1530: Data from Cloud Storage](https://attack.mitre.org/techniques/T1530/)
   - [T1199: Trusted Relationship](https://attack.mitre.org/techniques/T1199/)
 
-#### GWS.CALENDAR.4.2v0.1
+#### GWS.CALENDAR.3.2v0.1
 OAuth 2.0 SHALL be used in lieu of basic authentication to establish connectivity between tenants or organizations in cases where Calendar Interop is deemed necessary for agency mission fulfillment.
 
 - Rationale
@@ -211,7 +166,7 @@ OAuth 2.0 SHALL be used in lieu of basic authentication to establish connectivit
 
 ### Implementation
 
-#### GWS.CALENDAR.4.1v0.1 Instructions
+#### GWS.CALENDAR.3.1v0.1 Instructions
 
 To configure the settings for Calendar Interop:
 
@@ -221,7 +176,7 @@ To configure the settings for Calendar Interop:
 4.  Uncheck the **Enable Interoperability for Calendar** checkbox.
 5.  Select **Save**.
 
-#### GWS.CALENDAR.4.2v0.1 Instructions
+#### GWS.CALENDAR.3.2v0.1 Instructions
 
 To configure the settings for Calendar Interop:
 
@@ -231,13 +186,13 @@ To configure the settings for Calendar Interop:
 4.  Select **OAuth 2.0 client credentials**
 5.  Select **Save**.
 
-## 5. Paid Appointments
+## 4. Paid Appointments
 
 This section covers whether or not the paid appointment booking feature is enabled.
 
 ### Policies
 
-#### GWS.CALENDAR.5.1v0.1
+#### GWS.CALENDAR.4.1v0.1
 Appointment Schedule with Payments SHALL be disabled.
 
 - Rationale
@@ -259,7 +214,7 @@ Appointment Schedule with Payments SHALL be disabled.
 
 ### Implementation
 
-#### GWS.CALENDAR.5.1v0.1 Instructions
+#### GWS.CALENDAR.4.1v0.1 Instructions
 
 1.  Sign in to the [Google Admin Console](https://admin.google.com).
 2.  Select **Apps -\> Google Workspace -\> Calendar**.

diff --git a/drift-rules/GWS Drift Monitoring Rules - Calendar.csv b/drift-rules/GWS Drift Monitoring Rules - Calendar.csv
@@ -1,9 +1,7 @@
 PolicyId,Name,Data Source,Event (Is),Setting Name (Is),New Value (Is Not),Rule ID,Last Successful Test
 GWS.CALENDAR.1.1v0.1,"External Sharing Options for Primary Calendars SHALL be configured to ""Only free/busy information (hide event details)” to restrict information sharing and prevent data leakage.",Admin Log Event,Change Calendar Setting,SHARING_OUTSIDE_DOMAIN,SHOW_ONLY_FREE_BUSY_INFORMATION,rules/00gjdgxs1clzmpm,JK 07-28-23 @ 12:08
-GWS.CALENDAR.1.2v0.1,External sharing options for primary calendars between multiple components within an organization MAY be configured.,N/A,N/A,N/A,N/A,N/A,Not Alertable
+GWS.CALENDAR.1.2v0.1,"External sharing options for secondary calendars SHALL be configured to ""Only free/busy information (hide event details)” to restrict information sharing and prevent data leakage.",Admin Log Event,Change Calendar Setting,SHARING_OUTSIDE_DOMAIN_FOR_SECONDARY_CALENDAR,SHOW_ONLY_FREE_BUSY_INFORMATION,rules/00gjdgxs3ob14fv,JK 07-28-23 @ 12:32
 GWS.CALENDAR.2.1v0.1,External invitations warnings SHALL be enabled to prompt users before sending invitations.,Admin Log Event,Change Calendar Setting,ENABLE_EXTERNAL_GUEST_PROMPT,true,rules/00gjdgxs26jpj72,JK 07-28-23 @ 12:20
-GWS.CALENDAR.3.1v0.1,"External sharing options for secondary calendars SHALL be configured to ""Only free/busy information (hide event details)” to restrict information sharing and prevent data leakage.",Admin Log Event,Change Calendar Setting,SHARING_OUTSIDE_DOMAIN_FOR_SECONDARY_CALENDAR,SHOW_ONLY_FREE_BUSY_INFORMATION,rules/00gjdgxs3ob14fv,JK 07-28-23 @ 12:32
-GWS.CALENDAR.3.2v0.1,External sharing options for secondary calendars between multiple components within an organization MAY be configured.,N/A,N/A,N/A,N/A,N/A,Not Alertable
-GWS.CALENDAR.4.1v0.1,Calendar Interop SHOULD be disabled unless agency mission fulfillment requires collaboration between users internal and external to an organization who use both Microsoft Exchange and Google Calendar.,Admin Log Event,Change Calendar Setting,ENABLE_EWS_INTEROP,false,rules/00gjdgxs3yipjmt,JK 07-28-23 @ 14:42
-GWS.CALENDAR.4.2v0.1,OAuth 2.0 SHALL be used in lieu of basic authentication to establish connectivity between tenants or organizations in cases where Calendar Interop is deemed necessary for agency mission fulfillment.,N/A,N/A,N/A,N/A,N/A,"Not able to create rule due to bug in rule wizard. Applicable log event exists, but is not selectable within rule wizard."
-GWS.CALENDAR.5.1v0.1,Appointment Schedule with Payments SHALL be disabled.,Admin Log Event,Change Application Setting,CalendarAppointmentSlotAdminSettingsProto payments_enabled,false,rules/00gjdgxs3oppjwl,JK 09-08-23 @ 10:47
+GWS.CALENDAR.3.1v0.1,Calendar Interop SHOULD be disabled unless agency mission fulfillment requires collaboration between users internal and external to an organization who use both Microsoft Exchange and Google Calendar.,Admin Log Event,Change Calendar Setting,ENABLE_EWS_INTEROP,false,rules/00gjdgxs3yipjmt,JK 07-28-23 @ 14:42
+GWS.CALENDAR.3.2v0.1,OAuth 2.0 SHALL be used in lieu of basic authentication to establish connectivity between tenants or organizations in cases where Calendar Interop is deemed necessary for agency mission fulfillment.,N/A,N/A,N/A,N/A,N/A,"Not able to create rule due to bug in rule wizard. Applicable log event exists, but is not selectable within rule wizard."
+GWS.CALENDAR.4.1v0.1,Appointment Schedule with Payments SHALL be disabled.,Admin Log Event,Change Application Setting,CalendarAppointmentSlotAdminSettingsProto payments_enabled,false,rules/00gjdgxs3oppjwl,JK 09-08-23 @ 10:47
diff --git a/rego/Calendar.rego b/rego/Calendar.rego
@@ -53,19 +53,6 @@ if {
 }
 #--
 
-#
-# Baseline GWS.CALENDAR.1.2v0.1
-#--
-tests contains {
-    "PolicyId": "GWS.CALENDAR.1.2v0.1",
-    "Criticality": "May/Not-Implemented",
-    "ReportDetails": "Currently not able to be tested automatically; please manually check.",
-    "ActualValue": "",
-    "RequirementMet": false,
-    "NoSuchEvent": true
-}
-#--
-
 ##################
 # GWS.CALENDAR.2 #
 ##################
@@ -186,20 +173,6 @@ if {
 }
 #--
 
-#
-# Baseline GWS.CALENDAR.3.2v0.1
-#--
-tests contains {
-    "PolicyId": "GWS.CALENDAR.3.2v0.1",
-    "Criticality": "May/Not-Implemented",
-    "ReportDetails": "Currently not able to be tested automatically; please manually check.",
-    "ActualValue": "",
-    "RequirementMet": false,
-    "NoSuchEvent": true
-}
-#--
-
-
 
 ##################
 # GWS.CALENDAR.4 #