last sync: 2024-Apr-24 17:46:58 UTC

Microsoft Managed Control 1455 - Physical Access Control | Regulatory Compliance - Physical and Environmental Protection

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1455 - Physical Access Control
Id 068a88d4-e520-434e-baf0-9005a8164e6a
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Physical and Environmental Protection control
Additional metadata Name/Id: ACF1455 / Microsoft Managed Control 1455
Category: Physical and Environmental Protection
Title: Physical Access Control - Securing Keys And Other Access Devices
Ownership: Microsoft
Description: The organization: Secures keys, combinations, and other physical access devices;
Requirements: Physical keys and temporary access badges are secured within the datacenter security operations center. Temporary access badges are stored within the access controlled security operations center (SOC) and inventoried at the beginning and end of each shift. Security officers are staffed twenty-four (24) hours a day, seven (7) days a week. Physical keys are stored in an electronic key management system. These key management systems are linked to the physical access system and require a security officer’s pin and access badge to gain access. Keys are checked out to specific personnel by matching the person’s access badge to the physical key. A person must have the appropriate access level in DCAT to allow them to check out specific keys. Key inventories are conducted during each shift and keys are not allowed to be taken offsite.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC