
Identity Baseline sample policy statements

Individual cloud policy statements are guidelines for addressing specific risks identified during your risk assessment process. These statements should provide a concise summary of the risks and of the plans to deal with them. Each statement definition should include these pieces of information:

  • Technical risk: A summary of the risk this policy will address.
  • Policy statement: A clear summary explanation of the policy requirements.
  • Design options: Actionable recommendations, specifications, or other guidance that IT teams and developers can use when implementing the policy.

The following sample policy statements address common identity-related business risks. These statements are examples you can reference when drafting policy statements to address your organization's needs. These examples are not meant to be prescriptive, and there are potentially several policy options for dealing with each identified risk. Work closely with business and IT teams to identify the best policies for your unique set of risks.

Lack of access controls

Technical risk: Insufficient or ad hoc access control settings can introduce the risk of unauthorized access to sensitive or mission-critical resources.

Policy statement: All assets deployed to the cloud should be controlled using identities and roles approved by current governance policies.

Potential design options: Azure Active Directory Conditional Access is the default access control mechanism in Azure.

Overprovisioned access

Technical risk: Users and groups with control over resources beyond their area of responsibility can make unauthorized modifications that lead to outages or security vulnerabilities.

Policy statement: The following policies will be implemented:

  • A least-privilege access model will be applied to any resources involved in mission-critical applications or protected data.
  • Elevated permissions should be an exception, and any such exceptions must be recorded with the cloud governance team. Exceptions will be audited regularly.

Potential design options: Consult the Azure identity management best practices to implement an Azure role-based access control (Azure RBAC) strategy that restricts access based on the need-to-know and least-privilege security principles.

Lack of shared management accounts between on-premises and the cloud

Technical risk: IT management or administrative staff with accounts in your on-premises Active Directory may not have sufficient access to cloud resources and so might not be able to efficiently resolve operational or security issues.

Policy statement: All groups in the on-premises Active Directory infrastructure that have elevated privileges should be mapped to an approved Azure role.

Potential design options: Implement a hybrid identity solution between your cloud-based Azure Active Directory and your on-premises Active Directory, and add the required on-premises groups to the Azure roles necessary to do their work.

Weak authentication mechanisms

Technical risk: Identity management systems with insufficiently secure user authentication methods, such as basic username/password combinations, can lead to compromised or stolen passwords, creating a major risk of unauthorized access to secure cloud systems.

Policy statement: All accounts are required to sign in to secured resources using a multi-factor authentication method.

Potential design options: For Azure Active Directory, implement Azure Multi-Factor Authentication as part of your user authorization process.

Isolated identity providers

Technical risk: Incompatible identity providers can result in the inability to share resources or services with customers or other business partners.

Policy statement: Deployment of any application that requires customer authentication must use an approved identity provider that is compatible with the primary identity provider for internal users.

Potential design options: Implement federation with Azure Active Directory between your internal and customer identity providers, or use Azure Active Directory B2B.

Identity reviews

Technical risk: As the business changes over time, the addition of new cloud deployments or other security concerns can increase the risk of unauthorized access to secure resources.

Policy statement: Cloud governance processes must include a quarterly review with identity management teams to identify malicious actors or usage patterns that should be prevented by cloud asset configuration.

Potential design options: Establish a quarterly security review meeting that includes both governance team members and the IT staff responsible for managing identity services. Review existing security data and metrics to identify gaps in current identity management policy and tooling, and update policy to remediate any new risks.

Next steps

Use the samples in this article as a starting point for developing policies that address the specific business risks aligned with your cloud adoption plans.

To begin developing your own custom Identity Baseline policy statements, download the Identity Baseline discipline template.

To accelerate adoption of this discipline, choose the actionable governance guide that most closely aligns with your environment. Then modify the design to incorporate your specific corporate policy decisions.

Building on the identified risks and tolerances, establish a process for governing and communicating Identity Baseline policy adherence.