AzPolicyAdvertizer

last sync: 2025-Oct-30 18:23:17 UTC

Ensure system capable of dynamic isolation of resources | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Ensure system capable of dynamic isolation of resources
Id 83eea3d3-0d2c-9ccd-1021-2111b29b2a62
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1638 - Ensure system capable of dynamic isolation of resources
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Additional metadata Name/Id: CMA_C1638 / CMA_C1638
Category: Operational
Title: Ensure system capable of dynamic isolation of resources
Ownership: Customer
Description: The customer is responsible for ensuring that the system has the capability to dynamically isolate customer-deployed resources.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Compliance
The following 4 compliance controls are associated with this Policy definition 'Ensure system capable of dynamic isolation of resources' (83eea3d3-0d2c-9ccd-1021-2111b29b2a62)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 SC-7(20) FedRAMP_High_R4_SC-7(20) FedRAMP High SC-7 (20) System And Communications Protection Dynamic Isolation / Segregation Shared n/a The information system provides the capability to dynamically isolate/segregate [Assignment: organization-defined information system components] from other components of the system. Supplemental Guidance: The capability to dynamically isolate or segregate certain internal components of organizational information systems is useful when it is necessary to partition or separate certain components of dubious origin from those components possessing greater trustworthiness. Component isolation reduces the attack surface of organizational information systems. Isolation of selected information system components is also a means of limiting the damage from successful cyber attacks when those attacks occur. link 1
hipaa 0817.01w2System.123-01.w hipaa-0817.01w2System.123-01.w 0817.01w2System.123-01.w 08 Network Protection 0817.01w2System.123-01.w 01.06 Application and Information Access Control Shared n/a Unless the risk is identified and accepted by the data owner, sensitive systems are isolated (physically or logically) from non-sensitive applications/systems. 13
NIST_SP_800-53_R4 SC-7(20) NIST_SP_800-53_R4_SC-7(20) NIST SP 800-53 Rev. 4 SC-7 (20) System And Communications Protection Dynamic Isolation / Segregation Shared n/a The information system provides the capability to dynamically isolate/segregate [Assignment: organization-defined information system components] from other components of the system. Supplemental Guidance: The capability to dynamically isolate or segregate certain internal components of organizational information systems is useful when it is necessary to partition or separate certain components of dubious origin from those components possessing greater trustworthiness. Component isolation reduces the attack surface of organizational information systems. Isolation of selected information system components is also a means of limiting the damage from successful cyber attacks when those attacks occur. link 1
NIST_SP_800-53_R5 SC-7(20) NIST_SP_800-53_R5_SC-7(20) NIST SP 800-53 Rev. 5 SC-7 (20) System and Communications Protection Dynamic Isolation and Segregation Shared n/a Provide the capability to dynamically isolate [Assignment: organization-defined system components] from other system components. link 1
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn true
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn unknown
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn true
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn true
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 83eea3d3-0d2c-9ccd-1021-2111b29b2a62
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC