Security Compliance Leads Now Have More Control and Visibility

  • April 06, 2022

Emily Bonnie

Senior Content Marketing Manager at Secureframe

Leading the process to get a security compliance report is hard enough when you’re a small startup with few employees, a couple of cloud vendors, and a handful of cloud applications. Getting or maintaining compliance becomes exponentially more complicated as you scale your business with hundreds of employees who need to get certified with training, numerous vendors you need to verify, and tons of cloud applications and infrastructure vendors to monitor.

Whether you’re the CISO, IT Admin, or just the person selected to lead your company’s security compliance process, manually managing all of the tasks and activities required to get a security compliance report is stressful.

Our security compliance automation platform makes getting and maintaining compliance easier by automating evidence gathering and providing every customer with direct access to an on-staff compliance expert.

We’re constantly making improvements to our platform to make the lives of compliance leads easier with more control over data access and greater visibility into activity in Secureframe’s platform. Here are some recent updates that empower admins in Secureframe, who are often leading their company’s compliance efforts.

Updated Personnel page for easy user management

The new Personnel page is your one-stop shop to manage users in Secureframe. A few of the key activities you can do on this page are:

  1. Manage employees, contractors, auditors, and other users
  2. Easily track if users have completed key activities, like accepted policies or completed security training
  3. Initiate background checks
  4. View the devices and accounts a user can access

We recently added the Access Role column so you can see what type of system access that user has. More details in the next section.

Role-based Access Control: Easily manage user access and visibility

The principle of least privilege, when applied to users, means giving them access to only those privileges which are essential to performing their job. In Secureframe, that means only giving users access to the specific modules and data they need to access for compliance purposes.

Hiding data and modules also has the added benefit of streamlining the experience for users. For example, HR administrators may only need to see the company onboarding process and some sensitive data while auditors in Secureframe only need to see policies, reports, and shared evidence in the data room.

The ability to create and change access roles for personnel is limited to Super Admins. Super Admins can navigate to: Personnel > Settings (gear icon) > Roles to configure access roles.

If you're a Secureframe customer and your company does not have any Super Admins, please reach out to your customer success rep via Slack.

Dashboard: Understand your audit status at a glance

Our reimagined dashboard makes it easy to quickly understand your audit status, open tasks by user, personnel onboarding status, and more. With a clearer view of next steps, getting through the compliance process is faster and more streamlined.

Saved views and data exports: Manage your data the way you want

For admins who are constantly filtering and re-filtering tables in Secureframe to see a specific data set, you can now save views and have them persist. For example, on the Personnel page, you can create a view of just the contractors in Secureframe who have not accepted their policies. If you leave the page, you can easily come back to this view at a later date.

These searches are saved across the platform, so others can use the same saved views to get to the specific review. When editing a view, an orange dot will appear next to the name so you know that it has been edited. When navigating away, you will be prompted to save or abandon the changes.

And with our updated data export feature, you can now export a filtered data set to a .CSV file on your local drive or add it directly to the data room for an auditor to view.

This feature is available now on any page with search and filter capability.

Track updates in Secureframe with Audit Logs

Audit logs, in general, are a key component of proving compliance and security for any system. They help keep track of potential security breaches or people misusing information.

We provide audit logs just like any other critical platform and application your company may be using. This ensures admins have a full view of the changes happening in Secureframe and who is making those changes.

Interested in learning how Secureframe can help you get and maintain compliance?

We make rigorous security compliance easy and accessible for companies of any size. If you’re interested in learning more about our platform and team of compliance experts, schedule a demo today.