| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1014 - Account Management | Removal Of Temporary / Emergency Accounts | ||
| Id | 5dee936c-8037-4df1-ab35-6635733da48c | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Access Control control | ||
| Additional metadata |
Name/Id: ACF1014 / Microsoft Managed Control 1014 Category: Access Control Title: Account Management | Removal Of Temporary / Emergency Accounts Ownership: Customer, Microsoft Description: The information system automatically doesn't use temporary and emergency accounts. Requirements: The Microsoft Security Program Policy prohibits the use of temporary and emergency accounts. All local guest accounts are disabled on the system or platform wherever they are located. All account requests follow the standard account management process, including domain account request and approval and OneIdentity-based group management. For servers that are not domain-joined, the JIT process for granting access to a server includes creating and enabling a local account for the duration of access. Because this access is tied to a specific user’s domain account and requires that the user first authenticate using multifactor authentication, Azure does not consider this local account to be a temporary account for purposes of this control. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|