SOC2 Compliance & Worklets

  • 12 January 2022
  • 0 replies
  • 216 views

Userlevel 3
Badge

SOC2 Compliance certification is an important milestone for vendors operating in the cloud. Why? Well, it demonstrates that a vendor has proven that they handle customer data responsibly, which means customers trust that vendor more readily. Especially in the cloud, where data handling can seem distant and uncertain, certification can help a vendor build trust and confidence. SOC2 Compliance certification is awarded by an external auditor that gauges an organization’s adherence to the following five Trust Service Principles:

  1. Security

  2. Availability

  3. Processing Integrity

  4. Confidentiality

  5. Privacy

There is no concrete set of criteria to receive certification; rather it is at the discretion of the auditor. As a result, achieving this goal really comes down to your team developing and executing best practices across the five principles listed above. Things to consider when developing best practices are the type of service being provided and industry standards. Does the type of service dictate certain data protections? What about the industry, are there certain standards for your industry that must be adhered to? Reaching SOC2 compliance standards can be done by implementing many different controls. So, how can Automox help you achieve SOC2 Compliance?

Worklets!

Worklets can be created to automate cumbersome tasks that are critical to maintaining secure systems. The possibilities are endless, so when your organization has defined the path to SOC2 Compliance, start to leverage Worklets to help you get there! We’ve compiled a list of our favorites that have been posted on our Community page - let’s take a look at each of them to see exactly how they can help.

Note - worklets posted in the Community often evolve throughout the conversation in the post. Be sure to read the whole thing to get the latest version and other tips from users.

Implement CIS Guidelines for Account & Password Management:

  • Password Compliance - This worklet will ensure each endpoint requires passwords to be in compliance with CIS guidelines.

  • Account Lockout - This worklet will ensure each endpoint is compliant with CIS account lockout guidelines such as number of attempts, duration of lockout, etc.

Device Encryption:

  • Install BitLocker & Store Keys - Stores BitLocker Keys in the Device Tag for a given device (*BitLocker requires TPM chip)

  • Enforce Bitlocker Encryption - The evaluation code checks if there are any unencrypted drives. If any exist, the remediation code will start encryption on any unencrypted drives and export the Recovery Key to a text file (*BitLocker requires TPM chip)

  • Linux TPM Encryption Worklet - This worklet creates encryption for Linux that is similar to BitLocker on Windows.

Other:

  • Wiping Remote Machines - This one’s powerful, so use it carefully and heed the warnings in the post!

  • Replace an Admin Account (see attachment) - This will remove an admin account and replace it with a different one.

  • Get a Hardware Inventory for your Organization - Use this worklet to get a hardware inventory with some high level hardware information.

  • From the Worklet Catalog in the Automox Console, the following could also help you reach your compliance goals:

    • Set password complexity on windows accounts

    • Uninstall all apps under specific version

    • Uninstall Specific App by Name

    • Enforced App Uninstall

    • Set Account Lockout for Windows

    • Check Bitlocker Compliance

    • Enforce Bitlocker Encryption

As always, thank you to our members who continue to post these awesome worklets! We love seeing the collaboration to help us all automate more.

 

‘Til next time!

Jessica

 

 


0 replies

Be the first to reply!

Reply