last sync: 2024-Jul-17 18:20:29 UTC

Microsoft Managed Control 1428 - Media Access | Regulatory Compliance - Media Protection

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1428 - Media Access
Id 0a77fcc7-b8d8-451a-ab52-56197913c0c7
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Media Protection control
Additional metadata Name/Id: ACF1428 / Microsoft Managed Control 1428
Category: Media Protection
Title: Media Access
Ownership: Microsoft
Description: The organization restricts access to all media to personnel with a legitimate business purpose.
Requirements: Azure has implemented media access through the implementation of the Microsoft Security Program Policy (MSPP). Logical access to digital media is controlled via Active Directory Group Policy Objects (AD GPOs) and security groups in OneIdentity. Physical access to all media is restricted by the datacenter access process. Access is restricted to individuals who have a legitimate business purpose for accessing the data. The Asset Protection Standard defines the safeguards required to protect the confidentiality, integrity, and availability of information assets within Azure datacenters . Azure considers digital media for this control to be the server and network device assets secured at Azure datacenters . Non-digital media is not used for storage of Azure information.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC