last sync: 2024-May-24 18:03:04 UTC

Microsoft Managed Control 1325 - Authenticator Management | Regulatory Compliance - Identification and Authentication

Azure BuiltIn Policy definition

Source: Azure Portal
Display name: Microsoft Managed Control 1325 - Authenticator Management
Id: 1845796a-7581-49b2-ae20-443121538e19
Version: 1.0.0
Category: Regulatory Compliance
Description: Microsoft implements this Identification and Authentication control
Additional metadata:
Name/Id: ACF1325 / Microsoft Managed Control 1325
Category: Identification and Authentication
Title: Authenticator Management - Required Security Safeguards
Ownership: Customer, Microsoft
Description: The organization manages information system authenticators by: Requiring individuals to take, and having devices implement, specific security safeguards to protect authenticators; and
Requirements: Per the Microsoft Security Program Policy, authenticators must not be shared or revealed to anyone other than the authorized user. Additionally, authenticators must be promptly changed if they are suspected of being known by unauthorized individuals. Authenticators must not be written down or stored in readable form in batch files, automatic log-in scripts, software macros, terminal function keys, in computers without access control, or in other locations where unauthorized persons might discover them, and must be masked or encrypted both in storage and in transmission. Azure utilizes credential scanning software to review Microsoft source code for unencrypted credentials, and implements Azure Storage automatic encryption for data at rest and HTTPS/TLS 1.2 everywhere for data in transit.
Mode: Indexed
Type: Static
Preview: False
Deprecated: False
Effect: Fixed
RBAC role(s): none
Rule aliases: none
Rule resource types: IF (2)
Compliance: Not a Compliance control
Initiatives usage: none
History: none
JSON compare: n/a