AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Ensure system capable of dynamic isolation of resources

Name Ensure system capable of dynamic isolation of resources
Azure Portal
Id 83eea3d3-0d2c-9ccd-1021-2111b29b2a62
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1638 - Ensure system capable of dynamic isolation of resources
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 4 compliance controls are associated with this Policy definition 'Ensure system capable of dynamic isolation of resources' (83eea3d3-0d2c-9ccd-1021-2111b29b2a62)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 SC-7(20) FedRAMP_High_R4_SC-7(20) FedRAMP High SC-7 (20) System And Communications Protection Dynamic Isolation / Segregation Shared n/a The information system provides the capability to dynamically isolate/segregate [Assignment: organization-defined information system components] from other components of the system. Supplemental Guidance: The capability to dynamically isolate or segregate certain internal components of organizational information systems is useful when it is necessary to partition or separate certain components of dubious origin from those components possessing greater trustworthiness. Component isolation reduces the attack surface of organizational information systems. Isolation of selected information system components is also a means of limiting the damage from successful cyber attacks when those attacks occur. link 1
hipaa 0817.01w2System.123-01.w hipaa-0817.01w2System.123-01.w 0817.01w2System.123-01.w 08 Network Protection 0817.01w2System.123-01.w 01.06 Application and Information Access Control Shared n/a Unless the risk is identified and accepted by the data owner, sensitive systems are isolated (physically or logically) from non-sensitive applications/systems. 13
NIST_SP_800-53_R4 SC-7(20) NIST_SP_800-53_R4_SC-7(20) NIST SP 800-53 Rev. 4 SC-7 (20) System And Communications Protection Dynamic Isolation / Segregation Shared n/a The information system provides the capability to dynamically isolate/segregate [Assignment: organization-defined information system components] from other components of the system. Supplemental Guidance: The capability to dynamically isolate or segregate certain internal components of organizational information systems is useful when it is necessary to partition or separate certain components of dubious origin from those components possessing greater trustworthiness. Component isolation reduces the attack surface of organizational information systems. Isolation of selected information system components is also a means of limiting the damage from successful cyber attacks when those attacks occur. link 1
NIST_SP_800-53_R5 SC-7(20) NIST_SP_800-53_R5_SC-7(20) NIST SP 800-53 Rev. 5 SC-7 (20) System and Communications Protection Dynamic Isolation and Segregation Shared n/a Provide the capability to dynamically isolate [Assignment: organization-defined system components] from other system components. link 1
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 83eea3d3-0d2c-9ccd-1021-2111b29b2a62
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
JSON