π‘οΈ Microsoft Entra ID Admin accounts are not used for daily operationsπ’βͺ
- Contextual name: π‘οΈ Admin accounts are not used for daily operationsπ’βͺ
- ID:
/ce/ca/azure/monitor/admin-accounts-for-daily-operations - Tags:
- βͺ Impossible policy
- π’ Policy with categories
- π’ Policy with type
- Policy Type:
COMPLIANCE_POLICY - Policy Categories:
SECURITY
Descriptionβ
Descriptionβ
Microsoft Azure admin accounts should not be used for routine, non-administrative tasks.
Rationaleβ
Using admin accounts for daily operations increases the risk of accidental misconfigurations and security breaches.
Impactβ
Minor administrative overhead includes managing separate accounts, enforcing stricter access controls, and potential licensing costs for advanced security features.
Auditβ
From Azure Portalβ
Monitorβ
- Go to
Monitor.- Click
Activity log.- Review the activity log and ensure that admin accounts are not being used for daily operations.
Microsoft Entra IDβ
- Go to
Microsoft Entra ID.- Under
Monitoring, clickSign-in logs.- Review the sign-in logs and ensure that admin accounts are not being accessed more frequently than necessary.
Referencesβ
Remediationβ
Remediationβ
If admin accounts are being used for daily operations, consider the following:
- Monitor and alert on unusual activity.
- Enforce the principle of least privilege.
- Revoke any unnecessary administrative access.
- Use Conditional Access to limit access to resources.
- Ensure that administrators have separate admin and user accounts.
- Use Microsoft Entra ID Protection helps organizations detect, investigate, and remediate identity-based risks.
- Use Privileged Identity Management (PIM) in Microsoft Entra ID to limit standing administrator access to privileged roles, discover who has access, and review privileged access.
policy.yamlβ
Linked Framework Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| πΌ CIS Azure v4.0.0 β πΌ 6.3.1 Ensure that Azure admin accounts are not used for daily operations (Manual) | 1 | no data | |||
| πΌ Cloudaware Framework β πΌ User Account Management | 17 | no data |