last sync: 2025-Apr-29 17:16:02 UTC

Microsoft Managed Control 1619 - Information In Shared Resources | Regulatory Compliance - System and Communications Protection

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1619 - Information In Shared Resources
Id c722e569-cb52-45f3-a643-836547d016e1
Version 1.0.0
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Description Microsoft implements this System and Communications Protection control
Cloud environments AzureCloud = true; AzureUSGovernment = true; AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy c722e569-cb52-45f3-a643-836547d016e1
Additional metadata Name/Id: ACF1619 / Microsoft Managed Control 1619
Category: System and Communications Protection
Title: Information In Shared Resources
Ownership: Customer, Microsoft
Description: The information system prevents unauthorized and unintended information transfer via shared system resources.
Requirements: In order to transfer residual information on an Azure asset, the user must first access the asset. Azure prevents unauthorized and unintended information transfer by implementing several technical controls within the network, including isolation via VLANs and Network Security Groups (NSGs), and implementing strict flow control via ACLs to Azure from other internal Microsoft networks and from the internet. Strong access controls including multifactor authentication, JIT, and usage of security groups limit any unauthorized or unintended transfer of information through shared resources at an access control level. Azure performs logging and monitoring on all assets as a detective measure as well. Azure follows strict standards for overwriting storage resources before their reuse or the physical destruction of decommissioned hardware. Azure executes a complete deletion of data on customer request and on contract termination. Protection of Virtual Machines (VMs) is provided by hypervisor isolation of the Root OS from the Guest OS and the Guest OS from one another. The hypervisor acts like a micro-kernel and passes all hardware access requests from the Guest OS to the Root OS for processing using a shared-memory interface. This prevents users from obtaining raw read/write/execute access to the system and mitigates the risk of sharing system resources.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed: audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Compliance
The following 1 compliance control is associated with this Policy definition 'Microsoft Managed Control 1619 - Information In Shared Resources' (c722e569-cb52-45f3-a643-836547d016e1)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
NIS2 AM._Asset_Management_9 NIS2_AM._Asset_Management_9 NIS2_AM._Asset_Management_9 AM. Asset Management Human resources security, access control policies and asset management n/a The cybersecurity risk-management measures should therefore also address the physical and environmental security of network and information systems by including measures to protect such systems from system failures, human error, malicious acts or natural phenomena, in line with European and international standards, such as those included in the ISO/IEC 27000 series. In that regard, essential and important entities should, as part of their cybersecurity risk-management measures, also address human resources security and have in place appropriate access control policies. Those measures should be consistent with Directive (EU) 2022/2557. 28
Initiatives usage
Initiative DisplayName: [Preview]: NIS2
Initiative Id: 32ff9e30-4725-4ca7-ba3a-904a7721ee87
Initiative Category: Regulatory Compliance
State: Preview
Type: BuiltIn
polSet in AzUSGov: unknown
History none
JSON compare n/a