AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Provide capability to disconnect or disable remote access | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Provide capability to disconnect or disable remote access
Id 4edaca8c-0912-1ac5-9eaa-6a1057740fae
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1066 - Provide capability to disconnect or disable remote access
Additional metadata Name/Id: CMA_C1066 / CMA_C1066
Category: Operational
Title: Provide capability to disconnect or disable remote access
Ownership: Customer
Description: The customer is responsible for ensuring the customer-deployed system has the capability to rapidly disconnect or disable remote access.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 5 compliance controls are associated with this Policy definition 'Provide capability to disconnect or disable remote access' (4edaca8c-0912-1ac5-9eaa-6a1057740fae)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 AC-17(9) FedRAMP_High_R4_AC-17(9) FedRAMP High AC-17 (9) Access Control Disconnect / Disable Access Shared n/a The organization provides the capability to expeditiously disconnect or disable remote access to the information system within [Assignment: organization-defined time period]. Supplemental Guidance: This control enhancement requires organizations to have the capability to rapidly disconnect current users remotely accessing the information system and/or disable further remote access. The speed of disconnect or disablement varies based on the criticality of missions/business functions and the need to eliminate immediate or future remote access to organizational information systems. link 1
FedRAMP_Moderate_R4 AC-17(9) FedRAMP_Moderate_R4_AC-17(9) FedRAMP Moderate AC-17 (9) Access Control Disconnect / Disable Access Shared n/a The organization provides the capability to expeditiously disconnect or disable remote access to the information system within [Assignment: organization-defined time period]. Supplemental Guidance: This control enhancement requires organizations to have the capability to rapidly disconnect current users remotely accessing the information system and/or disable further remote access. The speed of disconnect or disablement varies based on the criticality of missions/business functions and the need to eliminate immediate or future remote access to organizational information systems. link 1
hipaa 0902.09s2Organizational.13-09.s hipaa-0902.09s2Organizational.13-09.s 0902.09s2Organizational.13-09.s 09 Transmission Protection 0902.09s2Organizational.13-09.s 09.08 Exchange of Information Shared n/a Remote (external) access to the organization's information assets and access to external information assets (for which the organization has no control) is based on clearly defined terms and conditions. 14
NIST_SP_800-53_R4 AC-17(9) NIST_SP_800-53_R4_AC-17(9) NIST SP 800-53 Rev. 4 AC-17 (9) Access Control Disconnect / Disable Access Shared n/a The organization provides the capability to expeditiously disconnect or disable remote access to the information system within [Assignment: organization-defined time period]. Supplemental Guidance: This control enhancement requires organizations to have the capability to rapidly disconnect current users remotely accessing the information system and/or disable further remote access. The speed of disconnect or disablement varies based on the criticality of missions/business functions and the need to eliminate immediate or future remote access to organizational information systems. link 1
NIST_SP_800-53_R5 AC-17(9) NIST_SP_800-53_R5_AC-17(9) NIST SP 800-53 Rev. 5 AC-17 (9) Access Control Disconnect or Disable Access Shared n/a Provide the capability to disconnect or disable remote access to the system within [Assignment: organization-defined time period]. link 1
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 4edaca8c-0912-1ac5-9eaa-6a1057740fae
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC