| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1341 - Authenticator Management | Multiple Information System Accounts | ||
| Id | 34cb7e92-fe4c-4826-b51e-8cd203fa5d35 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Identification and Authentication control | ||
| Additional metadata |
Name/Id: ACF1341 / Microsoft Managed Control 1341 Category: Identification and Authentication Title: Authenticator Management | Multiple Information System Accounts Ownership: Customer, Microsoft Description: The organization implements unique smart cards to manage the risk of compromise due to individuals having accounts on multiple information systems. Requirements: Azure uses smart cards that differentiate between different AD domains. This ensures that personnel use different authenticators when accessing the two systems and prevents an attacker from gaining access to both systems if one set of authenticators is compromised. In addition, Azure uses single-sign-on, encryption of AAD passwords that exist in the back-end and passwords utilized where smartcards are not possible via storage in Azure Key Vault, and encryption of all traffic with HTTPS, mitigating the risk of compromise. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|