AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Azure Edge Hardware Center devices should have double encryption support enabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name Azure Edge Hardware Center devices should have double encryption support enabled
Id 08a6b96f-576e-47a2-8511-119a212d344d
Version 2.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0
Built-in Versioning [Preview]
Category Azure Edge Hardware Center
Microsoft Learn
Description Ensure that devices ordered from Azure Edge Hardware Center have double encryption support enabled, to secure the data at rest on the device. This option adds a second layer of data encryption.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.EdgeOrder/orderItems/orderItemDetails.preferences.encryptionPreferences.doubleEncryptionStatus Microsoft.EdgeOrder orderItems properties.orderItemDetails.preferences.encryptionPreferences.doubleEncryptionStatus True False
Microsoft.EdgeOrder/orderItems/orderItemDetails.productDetails.productDoubleEncryptionStatus Microsoft.EdgeOrder orderItems properties.orderItemDetails.productDetails.productDoubleEncryptionStatus True False
Rule resource types IF (1)
Microsoft.EdgeOrder/orderItems
Compliance
The following 6 compliance controls are associated with this Policy definition 'Azure Edge Hardware Center devices should have double encryption support enabled' (08a6b96f-576e-47a2-8511-119a212d344d)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
NL_BIO_Cloud_Theme U.05.1(2) NL_BIO_Cloud_Theme_U.05.1(2) NL_BIO_Cloud_Theme_U.05.1(2) U.05 Data protection Cryptographic measures n/a Data transport is secured with cryptography to the latest state of the art (in accordance with the Forum for Standardization), whereby the key management is carried out by the CSC itself if possible. 17
NL_BIO_Cloud_Theme U.05.2(2) NL_BIO_Cloud_Theme_U.05.2(2) NL_BIO_Cloud_Theme_U.05.2(2) U.05 Data protection Cryptographic measures n/a Data stored in the cloud service shall be protected to the latest state of the art with encryption and with a key length sufficient at least for the purpose, whereby the key management is not purchased as a cloud service if possible and is carried out by the CSC itself. 52
NL_BIO_Cloud_Theme U.11.3(2) NL_BIO_Cloud_Theme_U.11.3(2) NL_BIO_Cloud_Theme_U.11.3(2) U.11 Cryptoservices Encrypted n/a Sensitive data (on transport and at rest) is always encrypted, with private keys managed by the CSC. The use of a private key by the CSP is based on a controlled procedure and must be jointly agreed with the CSC organisation. 52
U.05.1 - Cryptographic measures U.05.1 - Cryptographic measures 404 not found n/a n/a 17
U.05.2 - Cryptographic measures U.05.2 - Cryptographic measures 404 not found n/a n/a 51
U.11.3 - Encrypted U.11.3 - Encrypted 404 not found n/a n/a 51
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
NL BIO Cloud Theme 6ce73208-883e-490f-a2ac-44aac3b3687f Regulatory Compliance GA BuiltIn
NL BIO Cloud Theme V2 d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-01-14 17:44:09 change Major (1.0.0 > 2.0.0)
2021-07-30 15:17:20 add 08a6b96f-576e-47a2-8511-119a212d344d
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC