Unprivileged user accounts are prevented from modifying and deleting backups.
Topic
Backup modification and deletion
Applicable to
all
History
Sep 2024
Unprivileged user accounts are prevented from modifying and deleting backups.
References to ‘unprivileged accounts’ were changed to ‘unprivileged user accounts’ in order to more closely match Microsoft Active Directory account types (i.e. ‘users’ and ‘computers’). Note, the definition of unprivileged accounts (which referred to such accounts as being a combination of unprivileged user accounts and unprivileged service accounts) has been removed. Unprivileged service accounts are now treated as a subset of unprivileged user accounts.
Dec 2022
Unprivileged accounts are prevented from modifying and deleting backups.
Backup modification and deletion language associated with existing controls was amended to provide clarity of intent [ISM-1707, ISM-1708]. This included the introduction of a new control [ISM-1814].