Access Control Security Principles
Microsoft Azure Government has developed a 10-step process to facilitate access control in line with the security principles within CMMC:
Implement Secure Authentication
Implement Role Based Access Control
Enforce Least Privilege
Secure Administrative Rights
Configure Lockout Threshold
Configure Inactivity Logoff
Leverage Adaptive Access Control
Secure Remote Access
Manage Connections
Control Data Usage
Secure Confidential Data
Azure Offerings for Access Control
Azure Active Directory is an identity and access management-as-a-service (IDaaS) solution that combines single sign-on capabilities to any cloud and on-premises application with advanced protection and conditional access controls.
Azure AD Privileged Identity Management is a service that enables you to manage, control, and monitor access to important resources in your organization. These include resources in Azure AD, Azure, and other Microsoft Online Services such as Office 365 or Microsoft Intune.
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It’s a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
Azure Policy helps you manage and prevent IT issues with policy definitions that enforce rules and effects for your resources.
Azure Information Protection helps secure email, documents, and sensitive data that you share outside your company.
VPN Gateway is a specific type of virtual network gateway that is used to send encrypted traffic between an Azure virtual network and an on-premises location over the public Internet.