This implementation automates reporting to verify compliance with GC Cloud Guardrails. SSC and TBS review the results. Cette mise en œuvre automatise la production de rapports afin de vérifier la conformité aux mesures de sécurité infonuagique du GC. SPC et SCT examinent les résultats.
Other
7
stars
4
forks
source link
GR1 | Validation 2| All Cloud User Accounts MFA Conditional Access Policy (M) #133
Description: This is an existing control “Multi-Factor authentication required for all users by Conditional Access Policy” from GR3 in v1.0 Renamed to “All Cloud User Accounts MFA Conditional Access Policy (M)”. The intention is to ensure All User Accounts are adhering to a Conditional Access Policy enforcing MFA to login.
Opportunities to Improve the Existing MFA Conditional Access Policy
Can there be more flexibility in what currently exists? For example 3.includedApplications this can be updated to 'All' OR contains 'Microsoft Admin Portals'
Do we need a deny CAP for users without MFA to make this a complete check?
ItemName ENG: “All Cloud User Accounts MFA Conditional Access Policy (M)” ItemName FR: "Tous les comptes d’utilisateurs infonuagiques stratégie d’accès conditionnel AMF (M)"
Description: This is an existing control “Multi-Factor authentication required for all users by Conditional Access Policy” from GR3 in v1.0 Renamed to “All Cloud User Accounts MFA Conditional Access Policy (M)”. The intention is to ensure All User Accounts are adhering to a Conditional Access Policy enforcing MFA to login.
Opportunities to Improve the Existing MFA Conditional Access Policy
Optional Improvement: How often is this CAP applied to end users? Every single time vs per session?