last sync: 2025-May-01 19:36:43 UTC

Microsoft Managed Control 1300 - User Identification And Authentication | Regulatory Compliance - Identification and Authentication

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1300 - User Identification And Authentication
Id 99deec7d-5526-472e-b07c-3645a792026a
Version 1.0.1
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Description Microsoft implements this Identification and Authentication control
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy 99deec7d-5526-472e-b07c-3645a792026a
Additional metadata Name/Id: ACF1300 / Microsoft Managed Control 1300
Category: Identification and Authentication
Title: User Identification And Authentication
Ownership: Customer, Microsoft
Description: The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
Requirements: Azure uniquely identifies and authenticates users via Active Directory (AD) and smart cards. AD associates users to IDs and GUIDs and prevents the creation of a duplicate account. A user's account within each Azure domain maps his or her Microsoft corporate network (CorpNet) identifier, known as an alias, to the Azure domain for identification and authentication. Azure utilizes the Global Management Environment (GME) and Azure Management Environment (AME) domains for access to the Azure environment. Each domain is specific to the environment. As an example, John Doe's alias is jdoe, with accounts jdoe@redmond.gbl for access to CorpNet and jdoe@ame.gbl for access to Azure Commercial. Jumpboxes, Debug servers, Network Hop Boxes, and the SSL VPN are the approved mechanisms by which to gain access to Azure assets via internal network connectivity from CorpNet. A user authenticates to the Jumpbox, Debug server, Network Hop Box, or the SSL VPN with his or her smart card and PIN, then authenticates to the destination asset, with an approved JIT request necessary for elevated access.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed: audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Compliance
The following compliance control is associated with this Policy definition 'Microsoft Managed Control 1300 - User Identification And Authentication' (99deec7d-5526-472e-b07c-3645a792026a):
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
NIS2 IM._Identity_Management_10 NIS2_IM._Identity_Management_10 NIS2_IM._Identity_Management_10 IM. Identity Management The use of multi-factor authentication Customer, Microsoft Cryptographic Module Authentication The use of multi-factor authentication or continuous authentication solutions, secured voice, video and text communications and secured emergency communication systems within the entity, where appropriate. 29
Initiatives usage
Initiative DisplayName | Initiative Id | Initiative Category | State | Type | polSet in AzUSGov
[Preview]: NIS2 | 32ff9e30-4725-4ca7-ba3a-904a7721ee87 | Regulatory Compliance | Preview | BuiltIn | unknown
History
Date/Time (UTC ymd) | Change type | Change detail
2022-04-01 20:29:14 | change | Patch (1.0.0 > 1.0.1)