compliance controls are associated with this Policy definition 'Storage accounts should have the specified minimum TLS version' (fe83a0eb-a853-422d-aac2-1bffd182c5d0)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| ACAT_Security_Policies |
|
ACAT_Security_Policies |
ACAT Security Policies |
Guidelines for M365 Certification |
Protecting systems and resources
|
Shared |
n/a |
Ensures that apps have strong security and compliance practices in place to protect customer data, security, and privacy. |
link |
16 |
| CIS_Azure_2.0.0 |
3.15 |
CIS_Azure_2.0.0_3.15 |
CIS Microsoft Azure Foundations Benchmark recommendation 3.15 |
3 |
Ensure the "Minimum TLS version" for storage accounts is set to "Version 1.2" |
Shared |
When set to TLS 1.2 all requests must leverage this version of the protocol. Applications leveraging legacy versions of the protocol will fail. |
In some cases, Azure Storage sets the minimum TLS version to be version 1.0 by default. TLS 1.0 is a legacy version and has known vulnerabilities. This minimum TLS version can be configured to be later protocols such as TLS 1.2.
TLS 1.0 has known vulnerabilities and has been replaced by later versions of the TLS protocol. Continued use of this legacy protocol affects the security of data in transit. |
link |
4 |
| CIS_Azure_Foundations_v2.1.0 |
3.15 |
CIS_Azure_Foundations_v2.1.0_3.15 |
CIS Azure Foundations v2.1.0 3.15 |
Storage Accounts |
Ensure the "Minimum TLS version" for storage accounts is set to "Version 1.2" |
Shared |
n/a |
In some cases, Azure Storage sets the minimum TLS version to be version 1.0 by default. TLS 1.0 is a legacy version and has known vulnerabilities. This minimum TLS version can be configured to be later protocols such as TLS 1.2. |
|
1 |
| CIS_Controls_v8.1 |
3.10 |
CIS_Controls_v8.1_3.10 |
404 not found |
|
|
|
n/a |
n/a |
|
8 |
| CIS_Controls_v8.1 |
4.1 |
CIS_Controls_v8.1_4.1 |
CIS Controls v8.1 4.1 |
Secure Configuration of Enterprise Assets and Software |
Establish and maintain a secure configuration process. |
Shared |
1. Establish and maintain a secure configuration process for enterprise assets (end-user devices, including portable and mobile; non-computing/IoT devices; and servers) and software (operating systems and applications).
2. Review and update documentation annually, or when significant enterprise changes occur that could impact this safeguard. |
To ensure data integrity and safety of enterprise assets. |
|
44 |
| EU_GDPR_2016_679_Art. |
24 |
EU_GDPR_2016_679_Art._24 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 24 |
Chapter 4 - Controller and processor |
Responsibility of the controller |
Shared |
n/a |
n/a |
|
306 |
| EU_GDPR_2016_679_Art. |
25 |
EU_GDPR_2016_679_Art._25 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 25 |
Chapter 4 - Controller and processor |
Data protection by design and by default |
Shared |
n/a |
n/a |
|
306 |
| EU_GDPR_2016_679_Art. |
28 |
EU_GDPR_2016_679_Art._28 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 28 |
Chapter 4 - Controller and processor |
Processor |
Shared |
n/a |
n/a |
|
306 |
| EU_GDPR_2016_679_Art. |
32 |
EU_GDPR_2016_679_Art._32 |
EU General Data Protection Regulation (GDPR) 2016/679 Art. 32 |
Chapter 4 - Controller and processor |
Security of processing |
Shared |
n/a |
n/a |
|
306 |
| New_Zealand_ISM |
17.4.16.C.01 |
New_Zealand_ISM_17.4.16.C.01 |
New_Zealand_ISM_17.4.16.C.01 |
17. Cryptography |
17.4.16.C.01 Using TLS |
|
n/a |
Agencies SHOULD use the current version of TLS (version 1.3). |
|
5 |