There are some security baselines being made available by different groups that can help you configure applications to be more secure by default. The US Department of Defense (DoD) is one organization has been providing these baselines for quite some time. So starting with these documents you can possibly find recommended settings to mitigate security issues that you may have not thought about. Some may not be palatable...like say, text only email for Outlook. 8-) They have a STIG for Firefox that is on my "to do" list to review and compare against our setup since our Firefox setup goes way back in time.
At the time I performed the work with Reader DC I was just working from a PDF document our ISO gave me. Since that time I discovered there are some GPOs available which would have saved me a bit of effort. At the time there was no Adobe DC Pro/Std STIG so I used the Reader one as my starting point, but there appear to be one for these applications. The issue I ran into is that the registry keys are painful to enter if you have to support multiple versions of Adobe products. So I created a lovely AutoIT script that can read a .reg file as input and then create the Group Policy Preference for me. I spent a bit of time learning/writing the AutoIT script, but if there was a newer version of Adobe Acrobat I just need to do a search/replace in the .reg file and add any additional entries for the new version. https://public.cyber.mil/stigs/ - Web site has links for Group Policy Objects & Document Library where you can download documents that provide insights into the settings. -----Original Message----- From: Enterprise <[email protected]> On Behalf Of Tanstaafl Sent: Tuesday, July 16, 2019 4:02 PM To: [email protected] Subject: Re: [Mozilla Enterprise] PDF files are printed in the wrong orientation On 7/15/2019, 3:30:13 PM, Eddie Rowe <[email protected]> wrote: > We also hardened our Adobe Reader setup using the DoD STIG so it nice > to have one set of settings to manage in GPO on the Windows side (we > don't speak Mac or Linux). Eddie, can you elaborate on this? IS this a GPO template or something that provides additional security? _______________________________________________ Enterprise mailing list [email protected] https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.mozilla.org_listinfo_enterprise&d=DwIF-g&c=2WwxlqHD_9GeHFEUsOHZXg&r=a0pF-r4VjZCyzB4zxbRDcONPyw-KRRoDiBPd4lDRky8&m=9dFPCVIU3HCwWs0CXJ3OsgLFHNF2ZRpsuNpx93qpQHc&s=s-PMA59jo4b5hqSrOMT2E3SQWnJkJ92XTMh2k7_19Uk&e= To unsubscribe from this list, please visit https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.mozilla.org_listinfo_enterprise&d=DwIF-g&c=2WwxlqHD_9GeHFEUsOHZXg&r=a0pF-r4VjZCyzB4zxbRDcONPyw-KRRoDiBPd4lDRky8&m=9dFPCVIU3HCwWs0CXJ3OsgLFHNF2ZRpsuNpx93qpQHc&s=s-PMA59jo4b5hqSrOMT2E3SQWnJkJ92XTMh2k7_19Uk&e= or send an email to [email protected] with a subject of "unsubscribe" _______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
