| Source | Azure Portal | ||||||
| Display name | Microsoft Managed Control 1303 - User Identification And Authentication | Local Access To Privileged Accounts | ||||||
| Id | 80ca0a27-918a-4604-af9e-723a27ee51e8 | ||||||
| Version | 1.0.1 Details on versioning |
||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||
| Description | Microsoft implements this Identification and Authentication control | ||||||
| Additional metadata |
Name/Id: ACF1303 / Microsoft Managed Control 1303 Category: Identification and Authentication Title: User Identification And Authentication | Local Access To Privileged Accounts Ownership: Microsoft Description: The information system implements multifactor authentication for local access to privileged accounts. Requirements: Local access, defined as access to Azure via direct connection without the use of a network, is physically restricted at every component within Azure environment. Azure administration is performed via the private internal network unless a specific troubleshooting issue occurs that requires physical access to the asset. Therefore, there is no local access unless physical access is required. Local administrator access is only used to troubleshoot issues in instances where the asset is experiencing network issues and domain authentication is not working. Azure employs additional access control mechanisms for physical access to the environment. Rooms within the Azure datacenters and Global Cloud Collaboration Centers (GCCCs) that contain all Azure assets within the system boundary are restricted through various physical security mechanisms, including the requirement for smart card badging access and biometric devices. |
||||||
| Mode | Indexed | ||||||
| Type | Static | ||||||
| Preview | False | ||||||
| Deprecated | False | ||||||
| Effect | Fixed audit |
||||||
| RBAC role(s) | none | ||||||
| Rule aliases | none | ||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||||||
| Compliance | Not a Compliance control | ||||||
| Initiatives usage | none | ||||||
| History |
|
||||||
| JSON compare |
compare mode:
version left:
version right:
|
||||||
| JSON |
|