Best practices

Users can create security groups in Azure portals, API or PowerShell

Platform(s)
Compliance Frameworks
  • Azure CIS
    • ,
  • Brazilian General Data Protection (LGPD)
    • ,
  • CCPA
    • ,
  • CPRA
    • ,
  • Data Security Posture Management (DSPM) Best Practices
    • ,
  • essential_8_au
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • mpa
    • ,
  • New Zealand Information Security Manual
    • ,
  • NIST 800-171
    • ,
  • NIST 800-53
    • ,
  • PDPA
    • ,
  • pipeda
    • ,
  • UK Cyber Essentials

Description

'User settings' is default configurations of consent and permissions for all tenant users. It was detected that users can create security groups. When creating security groups permission is enabled, all users in the directory are allowed to create new security groups and add members to those groups. Unless a business requires this day-to-day delegation, security group creation should be restricted to administrators only.
Need help?

Get a free Security Risk Assessment. Start today

Eyebrow option

Demo the Orca Platform

In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

Get a Demo