| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1467 - Visitor Access Records | ||
| Id | 5350cbf9-8bdd-4904-b22a-e88be84ca49d | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Physical and Environmental Protection control | ||
| Additional metadata |
Name/Id: ACF1467 / Microsoft Managed Control 1467 Category: Physical and Environmental Protection Title: Visitor Access Records - Reviewing Access Records Ownership: Microsoft Description: The organization: Reviews visitor access records Continuously. Requirements: Visitors are always required to be escorted. The escort’s access within the datacenter is logged within the alarm monitoring system and if necessary can be correlated to the visitor for future review. Visitor access is being reviewed continuously by the assigned escort and by the control room supervisor via CCTV and the alarm monitoring system. Visitors are not provided with access and must always be accompanied by their escorts. Visitors with an approved DCAT access request have their access request reviewed at the time their identification is verified against a form of a valid government issued ID or Microsoft issued badge. Visitors are always escorted while at the datacenter. Visitors approved for escorted access are issued a self-expiring sticky badge. Additionally, when a visitor concludes their visit by returning their sticky badge to the CRS, the CRS terminates the visitor’s DCAT access record during a final review. Azure maintains visitor access records within the DCAT database for possible future investigations. Additionally, visitors assigned a Visitor or Tour access level in DCAT are always required to have an escort present. The escort is responsible for reviewing the actions and access of their visitor during their visit to the datacenter. Azure Third-Party (Leased) Datacenters At leased datacenter locations, visitors to Microsoft areas are always required to be escorted and wear a badge that indicates their visitor status. The escort is responsible for reviewing the actions and access of their visitor during their visit to the datacenter. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|