| Source | Azure Portal | ||||||||||||||||||||||
| Display name | Microsoft Managed Control 1337 - Authenticator Management | In-Person Or Trusted Third-Party Registration | ||||||||||||||||||||||
| Id | 463e5220-3f79-4e24-a63f-343e4096cd22 | ||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||||||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||||||||||||||||||
| Description | Microsoft implements this Identification and Authentication control | ||||||||||||||||||||||
| Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||||||||||||||||||||||
| Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy 463e5220-3f79-4e24-a63f-343e4096cd22 |
||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1337 / Microsoft Managed Control 1337 Category: Identification and Authentication Title: Authenticator Management | In-Person Or Trusted Third-Party Registration Ownership: Customer, Microsoft Description: The organization requires that the registration process to receive Microsoft Smartcards/Azure Infrastructure Smartcards be conducted In person or FexEd before Microsoft GSAM with authorization by Account manager identified in One Identity. Requirements: All user access is via smart card. As part of the Azure registration process, Microsoft requires users within Azure to obtain their smart card in person or via FedEx signature-required delivery. Cards are shipped via FedEx in a deactivated state and cannot be used until they are activated. A note is added to the cardkey account, confirming the shipping number for tracking. Shipments require a signature for delivery. Badges are not activated until Core Services Engineering and Operations (CSEO) receives a confirmation email from the recipient, recipient's manager, AAM, or Security. If the user is located in the Puget Sound region, they must come to the main Microsoft campus to pick up their smart card. If the user is outside of the Puget Sound region, the smart card is shipped directly to the individual and auto-disabled until activated by the user. The recipient must email the ticketing team from their Microsoft corporate email. The ticketing team provides the response. The smart card team works with the recipient to unlock their smart card via the ticketing tool. |
||||||||||||||||||||||
| Mode | Indexed | ||||||||||||||||||||||
| Type | Static | ||||||||||||||||||||||
| Preview | False | ||||||||||||||||||||||
| Deprecated | False | ||||||||||||||||||||||
| Effect | Fixed audit |
||||||||||||||||||||||
| RBAC role(s) | none | ||||||||||||||||||||||
| Rule aliases | none | ||||||||||||||||||||||
| Rule resource types | IF (2) |
||||||||||||||||||||||
| Compliance |
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1337 - Authenticator Management | In-Person Or Trusted Third-Party Registration' (463e5220-3f79-4e24-a63f-343e4096cd22)
| ||||||||||||||||||||||
| Initiatives usage |
|
||||||||||||||||||||||
| History | none | ||||||||||||||||||||||
| JSON compare | n/a | ||||||||||||||||||||||
| JSON |
|