AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

Microsoft Managed Control 1074 - Access Control for Portable And Mobile Systems | Regulatory Compliance - Access Control

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1074 - Access Control for Portable And Mobile Systems
Id 27a69937-af92-4198-9b86-08d355c7e59a
Version 1.0.1
Details on versioning
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Access Control control
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy 27a69937-af92-4198-9b86-08d355c7e59a
Additional metadata Name/Id: ACF1074 / Microsoft Managed Control 1074
Category: Access Control
Title: Access Control for Mobile Devices - Prior Authorization
Ownership: Microsoft
Description: The organization: Authorizes the connection of mobile devices to organizational information systems.
Requirements: Mobile computing and data recording devices are not to be used in any of Microsoft’s production environments without prior approval by the Datacenter Management Team via an access request. Azure monitors for all unauthorized use of mobile devices in the Azure environment and performs investigations accordingly. Azure uses a green/red sticker system to identify authorized devices. Monitoring of unauthorized connections of mobile devices to servers is implemented by security officers that observe that all mobile devices used on servers must have corresponding entries in the DCAT system, which captures authorization for an individual to bring in a mobile device to the datacenter.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Compliance
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1074 - Access Control for Portable And Mobile Systems' (27a69937-af92-4198-9b86-08d355c7e59a)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
NIS2 AM._Asset_Management_9 NIS2_AM._Asset_Management_9 NIS2_AM._Asset_Management_9 AM. Asset Management Human resources security, access control policies and asset management n/a The cybersecurity risk-management measures should therefore also address the physical and environmental security of network and information systems by including measures to protect such systems from system failures, human error, malicious acts or natural phenomena, in line with European and international standards, such as those included in the ISO/IEC 27000 series. In that regard, essential and important entities should, as part of their cybersecurity risk-management measures, also address human resources security and have in place appropriate access control policies. Those measures should be consistent with Directive (EU) 2022/2557. 28
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Preview]: NIS2 32ff9e30-4725-4ca7-ba3a-904a7721ee87 Regulatory Compliance Preview BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 change Patch (1.0.0 > 1.0.1)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC