last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Isolate SecurID systems, Security Incident Management systems

Name Isolate SecurID systems, Security Incident Management systems
Azure Portal
Id dd6d00a8-701a-5935-a22b-c7b9c0c698b2
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1636 - Isolate SecurID systems, Security Incident Management systems
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)
none
Rule
Aliases
Rule
ResourceTypes
IF (1)
Microsoft.Resources/subscriptions
Compliance The following 7 compliance controls are associated with this Policy definition 'Isolate SecurID systems, Security Incident Management systems' (dd6d00a8-701a-5935-a22b-c7b9c0c698b2)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 SC-7(13) FedRAMP_High_R4_SC-7(13) FedRAMP High SC-7 (13) System And Communications Protection Isolation Of Security Tools / Mechanisms / Support Components Shared n/a The organization isolates [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal information system components by implementing physically separate subnetworks with managed interfaces to other components of the system. Supplemental Guidance: Physically separate subnetworks with managed interfaces are useful, for example, in isolating computer network defenses from critical operational processing networks to prevent adversaries from discovering the analysis and forensics techniques of organizations. Related controls: SA-8, SC-2, SC-3. link 1
FedRAMP_Moderate_R4 SC-7(13) FedRAMP_Moderate_R4_SC-7(13) FedRAMP Moderate SC-7 (13) System And Communications Protection Isolation Of Security Tools / Mechanisms / Support Components Shared n/a The organization isolates [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal information system components by implementing physically separate subnetworks with managed interfaces to other components of the system. Supplemental Guidance: Physically separate subnetworks with managed interfaces are useful, for example, in isolating computer network defenses from critical operational processing networks to prevent adversaries from discovering the analysis and forensics techniques of organizations. Related controls: SA-8, SC-2, SC-3. link 1
hipaa 0806.01m2Organizational.12356-01.m hipaa-0806.01m2Organizational.12356-01.m 0806.01m2Organizational.12356-01.m 08 Network Protection 0806.01m2Organizational.12356-01.m 01.04 Network Access Control Shared n/a The organization’s network is logically and physically segmented with a defined security perimeter and a graduated set of controls, including subnetworks for publicly accessible system components that are logically separated from the internal network, based on organizational requirements; traffic is controlled based on functionality required and classification of the data/systems based on a risk assessment and their respective security requirements. 13
hipaa 0817.01w2System.123-01.w hipaa-0817.01w2System.123-01.w 0817.01w2System.123-01.w 08 Network Protection 0817.01w2System.123-01.w 01.06 Application and Information Access Control Shared n/a Unless the risk is identified and accepted by the data owner, sensitive systems are isolated (physically or logically) from non-sensitive applications/systems. 13
NIST_SP_800-53_R4 SC-7(13) NIST_SP_800-53_R4_SC-7(13) NIST SP 800-53 Rev. 4 SC-7 (13) System And Communications Protection Isolation Of Security Tools / Mechanisms / Support Components Shared n/a The organization isolates [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal information system components by implementing physically separate subnetworks with managed interfaces to other components of the system. Supplemental Guidance: Physically separate subnetworks with managed interfaces are useful, for example, in isolating computer network defenses from critical operational processing networks to prevent adversaries from discovering the analysis and forensics techniques of organizations. Related controls: SA-8, SC-2, SC-3. link 1
NIST_SP_800-53_R5 SC-7(13) NIST_SP_800-53_R5_SC-7(13) NIST SP 800-53 Rev. 5 SC-7 (13) System and Communications Protection Isolation of Security Tools, Mechanisms, and Support Components Shared n/a Isolate [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal system components by implementing physically separate subnetworks with managed interfaces to other components of the system. link 1
SWIFT_CSCF_v2022 2.1 SWIFT_CSCF_v2022_2.1 SWIFT CSCF v2022 2.1 2. Reduce Attack Surface and Vulnerabilities Ensure the confidentiality, integrity, and authenticity of application data flows between local SWIFT-related components. Shared n/a Confidentiality, integrity, and authentication mechanisms are implemented to protect SWIFT-related component-to-component or system-to-system data flows. link 36
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add dd6d00a8-701a-5935-a22b-c7b9c0c698b2
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
SWIFT CSP-CSCF v2022 7bc7cd6c-4114-ff31-3cac-59be3157596d Regulatory Compliance GA BuiltIn
JSON