Capability Domains met by Microsoft

Access Control Security Principles

Microsoft Azure Government has developed a 10-step process to facilitate access control in line with the security principles within CMMC:

  • Implement Secure Authentication
  • Implement Role Based Access Control
  • Enforce Least Privilege
  • Secure Administrative Rights
  • Configure Lockout Threshold
  • Configure Inactivity Logoff
  • Leverage Adaptive Access Control
  • Secure Remote Access
  • Manage Connections
  • Control Data Usage
  • Secure Confidential Data

Azure Offerings for Access Control

  • Azure Active Directory is an identity and access management-as-a-service (IDaaS) solution that combines single sign-on capabilities to any cloud and on-premises application with advanced protection and conditional access controls.
  • Azure AD Privileged Identity Management is a service that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Azure, and other Microsoft Online Services like Office 365 or Microsoft Intune.
  • Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It’s a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
  • Azure Policy helps you manage and prevent IT issues with policy definitions that enforce rules and effects for your resources.
  • Azure Information Protection helps secure email, documents, and sensitive data that you share outside your company.
  • VPN Gateway is a specific type of virtual network gateway that is used to send encrypted traffic between an Azure virtual network and an on-premises location over the public Internet.