Privileged user accounts (excluding backup administrator accounts) cannot access their own backups.
Topic
Backup access
Applicable to
all
History
Sep 2024
Privileged user accounts (excluding backup administrator accounts) cannot access their own backups.
References to ‘privileged accounts’ were changed to ‘privileged user accounts’ in order to more closely match Microsoft Active Directory account types (i.e. ‘users’ and ‘computers’). Note, the definition of privileged accounts (which referred to such accounts as being a combination of privileged user accounts and privileged service accounts) has been removed. Privileged service accounts are now treated as a subset of privileged user accounts.
Dec 2022
Privileged accounts (excluding backup administrator accounts) cannot access their own backups.
Backup access language associated with existing controls was amended to provide clarity of intent [ISM-1705, ISM-1706]. This included the introduction of two new controls [ISM-1812, ISM-1813].