| nan | Microsoft Cloud Security Benchmark v1 | nan |
| nan | This spreadsheet is designed to provide you a private preview version of the Microsoft Cloud Security Benchmark v1. For the web version of the content, please refer to ttps://docs.microsoft.com/en-us/security/benchmark/azure/overview | nan |
| | |
| a. The control mappings between MCSB and industry benchmarks (such as NIST, CIS and PCI) only indicate that a specific Azure feature can be used to fully or partially address a control requirement defined in NIST, CIS or PCI. You should be aware that such implementation does not necessarily translate to the full compliance of the corresponding control in CIS, NIST or PCI. | |
| b. This document is developed as a reference and should not be used to define all means by which a customer can meet specific compliance requirements and regulations. Customers should seek legal support from their organization on approved customer implementations. | |
| nan | nan | nan |
| nan | This multi-cloud guidance follows the below principles: | nan |
| 1. The security guidance for non-Azure platforms will follow the same cloud-neutral security principles at each control level as Azure's. | |
| 2. The security guidance for non-Azure platforms will provide the same level of granularity and same scope in the technical guidance as Azure's. | |
| 3. The non-Microsoft cloud service provider’s (CSP) native solution or feature will usually be recommended as the first preference for each control. However, when there is a more mature multi-cloud solution available in Azure, it'll be prioritized as the default recommendation. | |
| 4. If neither the CSP's native technology nor Azure solutions are available to satisfy a security principle, third-party solutions will be recommended from the Azure or the other CSP's Marketplace. However, Microsoft Cloud Security Benchmark will not name any specific third-party vendor product or solution. | |
| nan | nan | nan |
| nan | nan | nan |
| nan | Guidance - Column Header | Descriptions |
| nan | ID# | The Microsoft Cloud Security Benchmark ID. |
| nan | Control Domain | The security control domain. |
| nan | Security Principle | The technology-agnostic and cloud neutral principle for various security topics in each control domains. |
| nan | Recommendation | The control recommendation in summarized format. |
| nan | Azure Guidance | The technical guidance for Azure platforms. |
| nan | AWS Guidance | The technical guidance for Amazon Web Services platforms. |
| nan | Implementation and additional context | The implementation details and other relevant context which links to the Azure or AWS service offering documentation articles. |