This implementation automates reporting to verify compliance with GC Cloud Guardrails. SSC and TBS review the results. Cette mise en œuvre automatise la production de rapports afin de vérifier la conformité aux mesures de sécurité infonuagique du GC. SPC et SCT examinent les résultats.
Other
7
stars
4
forks
source link
GR2 | Validation 10 | Automated Guest User Reviews: Role Assignments and Access Requirements (M) #179
ItemName: Automated Guest User Reviews: Role Assignments and Access Requirements (M)
ItemName FR: Évaluations automatisées des utilisateurs invités : attributions de rôles et conditions d'accès (M)
Description: SSC Assistant message: This new control ensures periodic reviews of guest access, confirming compliance with validation requirements. It helps manage the lifecycle of guest user accounts by terminating them when no longer needed, thereby enhancing security and reducing risks. Note: An MS EntraID P2 license is required for implementation, and you may also need the MS Entra ID Governance License for additional governance features.
Potential Control Flow:
Check for a scheduled access review that has been scoped to guest user only.
Check that at least one user (not a guest user) has been specified to review.
Ensure the recurrence of review is at least 365 days and that there is no end date.
ItemName: Automated Guest User Reviews: Role Assignments and Access Requirements (M) ItemName FR: Évaluations automatisées des utilisateurs invités : attributions de rôles et conditions d'accès (M)
Description: SSC Assistant message: This new control ensures periodic reviews of guest access, confirming compliance with validation requirements. It helps manage the lifecycle of guest user accounts by terminating them when no longer needed, thereby enhancing security and reducing risks. Note: An MS EntraID P2 license is required for implementation, and you may also need the MS Entra ID Governance License for additional governance features.
Potential Control Flow:
References
Comments