| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1462 - Monitoring Physical Access | ||
| Id | 9b1f3a9a-13a1-4b40-8420-36bca6fd8c02 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Physical and Environmental Protection control | ||
| Additional metadata |
Name/Id: ACF1462 / Microsoft Managed Control 1462 Category: Physical and Environmental Protection Title: Monitoring Physical Access - Reviewing Access Logs Ownership: Microsoft Description: The organization: Reviews physical access logs Continuously and upon occurrence of Indications or a report of an incident; and Requirements: To access an Azure datacenter, a person must have a DCAT request approved by the Datacenter Management (DCM) team. In order to enter an Azure datacenter, a person must check-in with the datacenter security operations center (SOC) to facilitate/activate their access that is manned twenty-four (24) hours a day, seven (7) days a week. A person’s physical access within the datacenter is reviewed continuously by the Control Room Supervisor in the SOC. The Control Room Supervisor monitors live camera feeds within the datacenter as well as the alarm monitoring system reports from all physical security access devices within the datacenter. Physical access is reported in the alarm monitoring system as approved or failed. Failed access results in an alarm status that requires action by the Control Room Supervisor. The Control Room Supervisor can dispatch a responder for further investigation if needed. The physical access logs in the alarm monitoring system are reviewed continuously but are also available log files for subsequent investigative review. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|