last sync: 2024-Nov-25 18:54:24 UTC

Terminate customer controlled account credentials | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Terminate customer controlled account credentials
Id 76d66b5c-85e4-93f5-96a5-ebb2fad61dc6
Version 1.1.0
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Description CMA_C1022 - Terminate customer controlled account credentials
Additional metadata Name/Id: CMA_C1022 / CMA_C1022
Category: Operational
Title: Terminate customer controlled account credentials
Ownership: Customer
Description: The customer is responsible for the termination of customer-controlled shared/group account credentials.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default: Manual
Allowed: Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 10 compliance controls are associated with this Policy definition 'Terminate customer controlled account credentials' (76d66b5c-85e4-93f5-96a5-ebb2fad61dc6)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 AC-2(10) FedRAMP_High_R4_AC-2(10) FedRAMP High AC-2 (10) Access Control Shared / Group Account Credential Termination Shared n/a The information system terminates shared/group account credentials when members leave the group. link 1
FedRAMP_Moderate_R4 AC-2(10) FedRAMP_Moderate_R4_AC-2(10) FedRAMP Moderate AC-2 (10) Access Control Shared / Group Account Credential Termination Shared n/a The information system terminates shared/group account credentials when members leave the group. link 1
ISO27001-2013 A.10.1.2 ISO27001-2013_A.10.1.2 ISO 27001:2013 A.10.1.2 Cryptography Key Management Shared n/a A policy on the use, protection and lifetime of cryptographic keys shall be developed and implemented through their whole lifecycle. link 15
ISO27001-2013 A.9.3.1 ISO27001-2013_A.9.3.1 ISO 27001:2013 A.9.3.1 Access Control Use of secret authentication information Shared n/a Users shall be required to follow the organization's practices in the use of secret authentication information. link 15
mp.s.2 Protection of web services and applications mp.s.2 Protection of web services and applications 404 not found n/a n/a 102
NIST_SP_800-53_R4 AC-2(10) NIST_SP_800-53_R4_AC-2(10) NIST SP 800-53 Rev. 4 AC-2 (10) Access Control Shared / Group Account Credential Termination Shared n/a The information system terminates shared/group account credentials when members leave the group. link 1
op.acc.2 Access requirements op.acc.2 Access requirements 404 not found n/a n/a 64
op.acc.5 Authentication mechanism (external users) op.acc.5 Authentication mechanism (external users) 404 not found n/a n/a 72
op.exp.10 Cryptographic key protection op.exp.10 Cryptographic key protection 404 not found n/a n/a 53
PCI_DSS_v4.0 8.2.2 PCI_DSS_v4.0_8.2.2 PCI DSS v4.0 8.2.2 Requirement 08: Identify Users and Authenticate Access to System Components User identification and related accounts for users and administrators are strictly managed throughout an account’s lifecycle Shared n/a Group, shared, or generic accounts, or other shared authentication credentials are only used when necessary on an exception basis, and are managed as follows: • Account use is prevented unless needed for an exceptional circumstance. • Use is limited to the time needed for the exceptional circumstance. • Business justification for use is documented. • Use is explicitly approved by management. • Individual user identity is confirmed before access to an account is granted. • Every action taken is attributable to an individual user. link 4
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
PCI DSS v4 c676748e-3af9-4e22-bc28-50feed564afb Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 76d66b5c-85e4-93f5-96a5-ebb2fad61dc6