Ensure that the total number of subscription owners created for your Microsoft Azure account subscriptions is being monitored by the Microsoft Defender for Cloud service. Trend Cloud One™ – Conformity recommends designating up to 3 subscription owners in order to reduce the potential for security breaches by one or more compromised owners.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
As a security best practice, a maximum of 3 owners should be designated for a Microsoft Azure subscription. By monitoring the number of subscription owners with Microsoft Defender for Cloud, you can enforce this limit and detect when a subscription exceeds it. Keeping the number of owners small reduces the risk of a compromised owner's account being used to gain access to your subscription.
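The limit described above can also be checked directly against role assignment data. The following Python code is an added example, not part of the Conformity rule or of Defender for Cloud's own evaluation logic: it counts distinct principals holding the Owner role at subscription scope, assuming input in the JSON shape returned by `az role assignment list --role Owner --scope /subscriptions/<subscription-id> --output json`. The function name, the sample data and the subscription ID are constructed for illustration.

```python
import json

MAX_OWNERS = 3  # limit recommended on this page
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # placeholder ID

# Constructed sample in the shape of `az role assignment list ... --output json`.
SAMPLE = json.dumps([
    {"principalId": "p1", "principalName": "alice@example.com",
     "principalType": "User", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalId": "p2", "principalName": "bob@example.com",
     "principalType": "User", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalId": "p3", "principalName": "Cloud Admins",
     "principalType": "Group", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalId": "p4", "principalName": "deploy-sp",
     "principalType": "ServicePrincipal", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalId": "p5", "principalName": "carol@example.com",
     "principalType": "User", "roleDefinitionName": "Owner",
     "scope": SUB + "/resourceGroups/rg-app"},
    {"principalId": "p6", "principalName": "dave@example.com",
     "principalType": "User", "roleDefinitionName": "Contributor", "scope": SUB},
])


def audit_owners(raw_json, subscription_scope, limit=MAX_OWNERS):
    """Count distinct Owner principals assigned at the subscription scope."""
    target = subscription_scope.rstrip("/").lower()
    owners = {}
    for a in json.loads(raw_json):
        if a.get("roleDefinitionName") != "Owner":
            continue  # other roles are out of scope for this check
        if a.get("scope", "").rstrip("/").lower() != target:
            continue  # narrower (resource group) or inherited scope
        owners.setdefault(a["principalId"], a)  # one entry per principal
    groups = sorted(o["principalName"] for o in owners.values()
                    if o.get("principalType") == "Group")
    return {
        "owner_count": len(owners),
        "compliant": len(owners) <= limit,
        "owners": sorted(o["principalName"] for o in owners.values()),
        # A group is one assignment, but every member of it holds Owner.
        "groups_to_review": groups,
    }


if __name__ == "__main__":
    print(json.dumps(audit_owners(SAMPLE, SUB), indent=2))
```

A group counts as a single owner here, so any group listed under `groups_to_review` needs its membership checked separately before the subscription is treated as within the limit.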
Audit
To determine if the number of subscription owners is being monitored with Microsoft Defender for Cloud, perform the following operations:
Remediation / Resolution
To begin monitoring the total number of Azure subscription owners using the Microsoft Defender for Cloud service, perform the following operations: