last sync: 2023-Jun-06 18:29:21 UTC

Azure Policy definition

Terminate customer controlled account credentials

Name Terminate customer controlled account credentials
Id 76d66b5c-85e4-93f5-96a5-ebb2fad61dc6
Version 1.1.0
Category Regulatory Compliance
Description CMA_C1022 - Terminate customer controlled account credentials
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Manual
Effect Allowed: Manual, Disabled
RBAC Role(s) none
Rule ResourceTypes IF (1): Microsoft.Resources/subscriptions
Compliance
The following 6 compliance controls are associated with this Policy definition 'Terminate customer controlled account credentials' (76d66b5c-85e4-93f5-96a5-ebb2fad61dc6)

| Control Domain | Control | Name | MetadataId | Category | Title | Owner | Requirements | Description | Policy# |
|---|---|---|---|---|---|---|---|---|---|
| FedRAMP_High_R4 | AC-2(10) | FedRAMP_High_R4_AC-2(10) | FedRAMP High AC-2 (10) | Access Control | Shared / Group Account Credential Termination | Shared | n/a | The information system terminates shared/group account credentials when members leave the group. | 1 |
| FedRAMP_Moderate_R4 | AC-2(10) | FedRAMP_Moderate_R4_AC-2(10) | FedRAMP Moderate AC-2 (10) | Access Control | Shared / Group Account Credential Termination | Shared | n/a | The information system terminates shared/group account credentials when members leave the group. | 1 |
| ISO27001-2013 | A.10.1.2 | ISO27001-2013_A.10.1.2 | ISO 27001:2013 A.10.1.2 | Cryptography | Key Management | Shared | n/a | A policy on the use, protection and lifetime of cryptographic keys shall be developed and implemented through their whole lifecycle. | 15 |
| ISO27001-2013 | A.9.3.1 | ISO27001-2013_A.9.3.1 | ISO 27001:2013 A.9.3.1 | Access Control | Use of secret authentication information | Shared | n/a | Users shall be required to follow the organization's practices in the use of secret authentication information. | 15 |
| NIST_SP_800-53_R4 | AC-2(10) | NIST_SP_800-53_R4_AC-2(10) | NIST SP 800-53 Rev. 4 AC-2 (10) | Access Control | Shared / Group Account Credential Termination | Shared | n/a | The information system terminates shared/group account credentials when members leave the group. | 1 |
| PCI_DSS_v4.0 | 8.2.2 | PCI_DSS_v4.0_8.2.2 | PCI DSS v4.0 8.2.2 | Requirement 08: Identify Users and Authenticate Access to System Components | User identification and related accounts for users and administrators are strictly managed throughout an account’s lifecycle | Shared | n/a | Group, shared, or generic accounts, or other shared authentication credentials are only used when necessary on an exception basis, and are managed as follows: • Account use is prevented unless needed for an exceptional circumstance. • Use is limited to the time needed for the exceptional circumstance. • Business justification for use is documented. • Use is explicitly approved by management. • Individual user identity is confirmed before access to an account is granted. • Every action taken is attributable to an individual user. | 4 |
History

| Date/Time (UTC ymd) | Change type | Change detail |
|---|---|---|
| 2022-09-27 16:35:32 | change | Minor (1.0.0 > 1.1.0) |
| 2022-09-19 17:41:40 | add | 76d66b5c-85e4-93f5-96a5-ebb2fad61dc6 |
Initiatives

| Initiative DisplayName | Initiative Id | Initiative Category | State | Type |
|---|---|---|---|---|
| FedRAMP High | d5264498-16f4-418a-b659-fa7ef418175f | Regulatory Compliance | GA | BuiltIn |
| FedRAMP Moderate | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | Regulatory Compliance | GA | BuiltIn |
| ISO 27001:2013 | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | Regulatory Compliance | GA | BuiltIn |
| NIST SP 800-53 Rev. 4 | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | Regulatory Compliance | GA | BuiltIn |
| PCI DSS v4 | c676748e-3af9-4e22-bc28-50feed564afb | Regulatory Compliance | GA | BuiltIn |