last sync: 2024-Jun-14 18:20:16 UTC

Microsoft Managed Control 1324 - Authenticator Management | Regulatory Compliance - Identification and Authentication

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1324 - Authenticator Management
Id 8cfea2b3-7f77-497e-ac20-0752f2ff6eee
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Identification and Authentication control
Additional metadata Name/Id: ACF1324 / Microsoft Managed Control 1324
Category: Identification and Authentication
Title: Authenticator Management - Protection
Ownership: Customer, Microsoft
Description: The organization manages information system authenticators by: Protecting authenticator content from unauthorized disclosure and modification;
Requirements: Azure utilizes obscuring mechanisms to protect authenticator content in accordance with the Active Directory settings, specifically the use of encryption to protect authenticator information for encryption and storage. This includes maintaining possession of individual authenticators, not loaning or sharing authenticators with others, and reporting lost or compromised authenticators immediately.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC