Merge pull request KelvinTegelaar#1647 from kris6673/teams-chat-protection

Implement new Teams Chat Protection settings and update module

Author: JohnDuprey

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1

@@ -13,8 +13,11 @@ function Invoke-CIPPStandardActivityBasedTimeout {
         CAT
             Global Standards
         TAG
-            "CIS"
+            "CIS M365 5.0 (1.3.2)"
             "spo_idle_session_timeout"
+            "NIST CSF 2.0 (PR.AA-03)"
+        EXECUTIVETEXT
+            Automatically logs out inactive users from Microsoft 365 applications after a specified time period to prevent unauthorized access to company data on unattended devices. This security measure protects against data breaches when employees leave workstations unlocked.
         ADDEDCOMPONENT
             {"type":"autoComplete","multiple":false,"creatable":false,"label":"Select value","name":"standards.ActivityBasedTimeout.timeout","options":[{"label":"1 Hour","value":"01:00:00"},{"label":"3 Hours","value":"03:00:00"},{"label":"6 Hours","value":"06:00:00"},{"label":"12 Hours","value":"12:00:00"},{"label":"24 Hours","value":"1.00:00:00"}]}
         IMPACT

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDKIM.ps1

@@ -13,7 +13,9 @@ function Invoke-CIPPStandardAddDKIM {
         CAT
             Exchange Standards
         TAG
-            "CIS"
+            "CIS M365 5.0 (2.1.9)"
+        EXECUTIVETEXT
+            Enables email authentication technology that digitally signs outgoing emails to verify they actually came from your organization. This prevents email spoofing, improves email deliverability, and protects the company's reputation by ensuring recipients can trust emails from your domains.
         ADDEDCOMPONENT
         IMPACT
             Low Impact

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDMARCToMOERA.ps1

@@ -13,9 +13,11 @@ function Invoke-CIPPStandardAddDMARCToMOERA {
         CAT
             Global Standards
         TAG
-            "CIS"
+            "CIS M365 5.0 (2.1.10)"
             "Security"
             "PhishingProtection"
+        EXECUTIVETEXT
+            Implements advanced email security for Microsoft's default domain names (onmicrosoft.com) to prevent criminals from impersonating your organization. This blocks fraudulent emails that could damage your company's reputation and protects partners and customers from phishing attacks using your domain names.
         ADDEDCOMPONENT
             {"type":"autoComplete","multiple":false,"creatable":true,"required":false,"placeholder":"v=DMARC1; p=reject; (recommended)","label":"Value","name":"standards.AddDMARCToMOERA.RecordValue","options":[{"label":"v=DMARC1; p=reject; (recommended)","value":"v=DMARC1; p=reject;"}]}
         IMPACT

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAnonReportDisable.ps1

@@ -13,6 +13,8 @@ function Invoke-CIPPStandardAnonReportDisable {
         CAT
             Global Standards
         TAG
+        EXECUTIVETEXT
+            Configures Microsoft 365 reports to display actual usernames instead of anonymized identifiers, enabling IT administrators to effectively troubleshoot issues and generate meaningful usage reports. This improves operational efficiency and system management capabilities.
         ADDEDCOMPONENT
         IMPACT
             Low Impact

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAntiPhishPolicy.ps1

@@ -13,14 +13,15 @@ function Invoke-CIPPStandardAntiPhishPolicy {
         CAT
             Defender Standards
         TAG
-            "CIS"
             "mdo_safeattachments"
             "mdo_highconfidencespamaction"
             "mdo_highconfidencephishaction"
             "mdo_phisspamacation"
             "mdo_spam_notifications_only_for_admins"
             "mdo_antiphishingpolicies"
             "mdo_phishthresholdlevel"
+            "CIS M365 5.0 (2.1.7)"
+            "NIST CSF 2.0 (DE.CM-09)"
         ADDEDCOMPONENT
             {"type":"number","label":"Phishing email threshold. (Default 1)","name":"standards.AntiPhishPolicy.PhishThresholdLevel","defaultValue":1}
             {"type":"switch","label":"Show first contact safety tip","name":"standards.AntiPhishPolicy.EnableFirstContactSafetyTips","defaultValue":true}

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAntiSpamSafeList.ps1

@@ -13,6 +13,9 @@ function Invoke-CIPPStandardAntiSpamSafeList {
         CAT
             Defender Standards
         TAG
+            "CIS M365 5.0 (2.1.13)"
+        EXECUTIVETEXT
+            Enables Microsoft's pre-approved list of trusted email servers to improve email delivery from legitimate sources while maintaining spam protection. This reduces false positives where legitimate emails might be blocked while still protecting against spam and malicious emails.
         ADDEDCOMPONENT
             {"type":"switch","name":"standards.AntiSpamSafeList.EnableSafeList","label":"Enable Safe List"}
         IMPACT

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAppDeploy.ps1

@@ -13,6 +13,8 @@ function Invoke-CIPPStandardAppDeploy {
         CAT
             Entra (AAD) Standards
         TAG
+        EXECUTIVETEXT
+            Automatically deploys approved business applications across all company locations and users, ensuring consistent access to essential tools and maintaining standardized software configurations. This streamlines application management and reduces IT deployment overhead.
         ADDEDCOMPONENT
             {"type":"select","multiple":false,"creatable":false,"label":"App Approval Mode","name":"standards.AppDeploy.mode","options":[{"label":"Template","value":"template"},{"label":"Copy Permissions","value":"copy"}]}
             {"type":"autoComplete","multiple":true,"creatable":false,"label":"Select Applications","name":"standards.AppDeploy.templateIds","api":{"url":"/api/ListAppApprovalTemplates","labelField":"TemplateName","valueField":"TemplateId","queryKey":"StdAppApprovalTemplateList","addedField":{"AppId":"AppId"}},"condition":{"field":"standards.AppDeploy.mode","compareType":"is","compareValue":"template"}}

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAtpPolicyForO365.ps1

@@ -13,7 +13,8 @@ function Invoke-CIPPStandardAtpPolicyForO365 {
         CAT
             Defender Standards
         TAG
-            "CIS"
+            "CIS M365 5.0 (2.1.5)"
+            "NIST CSF 2.0 (DE.CM-09)"
         ADDEDCOMPONENT
             {"type":"switch","label":"Allow people to click through Protected View even if Safe Documents identified the file as malicious","name":"standards.AtpPolicyForO365.AllowSafeDocsOpen","defaultValue":false,"required":false}
         IMPACT

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuditLog.ps1

@@ -13,8 +13,11 @@ function Invoke-CIPPStandardAuditLog {
         CAT
             Global Standards
         TAG
-            "CIS"
+            "CIS M365 5.0 (3.1.1)"
             "mip_search_auditlog"
+            "NIST CSF 2.0 (DE.CM-09)"
+        EXECUTIVETEXT
+            Activates comprehensive activity logging across Microsoft 365 services to track user actions, system changes, and security events. This provides essential audit trails for compliance requirements, security investigations, and regulatory reporting.
         ADDEDCOMPONENT
         IMPACT
             Low Impact

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuthMethodsPolicyMigration.ps1

@@ -13,14 +13,17 @@ function Invoke-CIPPStandardAuthMethodsPolicyMigration {
         CAT
             Entra (AAD) Standards
         TAG
+        EXECUTIVETEXT
+            Completes the transition from legacy authentication policies to Microsoft's modern unified authentication methods policy, ensuring the organization benefits from the latest security features and management capabilities. This migration enables enhanced security controls and simplified policy management.
         ADDEDCOMPONENT
         IMPACT
             Medium Impact
         ADDEDDATE
-            2025-01-08
+            2025-07-07
         POWERSHELLEQUIVALENT
             Update-MgBetaPolicyAuthenticationMethodPolicy
         RECOMMENDEDBY
+            "CIPP"
         UPDATECOMMENTBLOCK
             Run the Tools\Update-StandardsComments.ps1 script to update this comment block
     .LINK