azure_compliance

Azure Compliance

Multi-Factor Authentication (MFA) should be enabled for all subscription accounts with write privileges to prevent a breach of accounts or resources.

iam_user_with_write_permission_on_subscription_mfa_enabled

nist_sp_800_53_rev_5_ac_3

Access Enforcement (AC-3)

nist_sp_800_53_rev_5_ia_2

Identification and Authentication (organizational Users) (IA-2)

hipaa_hitrust_v92_1173_01j1organizational

If encryption is not used for dial-up connections, the CIO or his/her designated representative provides specific written authorization

nist_sp_800_53_rev_5_ia_2_1

Multi-factor Authentication to Privileged Accounts IA-2(1)

hipaa_hitrust_v92_11110_01q1organizational

Non-organizational users (all information system users other than organizational users, such as patients, customers, contractors, or foreign nationals), or processes acting on behalf of non-organizational users, determined to need access to information residing on the organization's information systems, are uniquely identified and authenticated

pci_dss_v321_requirement_3_2

PCI DSS requirement 3.2

pci_dss_v321_requirement_7_2_1

PCI DSS requirement 7.2.1

pci_dss_v321_requirement_8_3_1

PCI DSS requirement 8.3.1

hipaa_hitrust_v92_1117_01j1organizational

Remote access by vendors and business partners (e.g., for remote maintenance) is disabled/deactivated when not in use

hipaa_hitrust_v92_1177_01j2organizational

User IDs assigned to vendors are reviewed in accordance with the organization's access review policy, at a minimum annually

Accounts with write permissions on Azure resources should be MFA enabled

azure

azuread

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, PCI DSS across all your Azure subscriptions using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-azure-compliance

Control: Accounts with write permissions on Azure resources should be MFA enabled

Description

Usage

SQL

Tags