Platform Updates: Faster, Seamless Compliance with Secureframe Agent

  • April 07, 2022

Emily Bonnie

Senior Content Marketing Manager at Secureframe

Getting ready for a compliance audit like SOC 2 or ISO 27001 requires a lot of preparation. Proving that your employees have taken security training, that the devices they use are secure, and that your software development team is following security best practices are just a fraction of the actions you need to take to make sure you’re ready to get a clean compliance report.

Secureframe is committed to making compliance as seamless a process as possible for organizations of any size, which is why we are constantly making improvements to our security compliance automation platform.

Read on to learn how the Secureframe Agent can speed up getting compliant, how email notifications ensure employees complete required activities, and how our upgraded version control integrations automate even more of the evidence collection process.

Secureframe Agent: Quickly meet your device management requirements

Device management is necessary to meet SOC 2 and many other compliance standard controls. A popular way to meet this requirement is to purchase a third-party Mobile Device Management (MDM) solution. An MDM simplifies and enhances IT's ability to manage end-user devices like laptops and smartphones.

Secureframe integrates with popular MDM solutions including Kandji, JAMF, Hexnode, Microsoft Intune, and more. Check out the full list here.

For smaller companies not ready to implement an MDM, or for larger companies that need time to evaluate vendors, the Secureframe Agent is a free, read-only alternative. It is quick to install on employee devices and simplifies compliance requirements like encryption, password policies, application, and software updates. It can also speed up the compliance process by generating reports for your auditor. 

To install, go to “Integrations” and search for “Secureframe”. Click “+ Add Connection” and then “Connect”.

Email Notifications: Automatically remind in-scope employees to complete audit tasks

Onboarding activities like accepting corporate policies and taking security awareness training (and possibly installing the Secureframe Agent) are required for compliance. Many of these activities are also required every year to stay compliant.

Email notifications are a key tool for ensuring employees remember to complete these tasks either shortly after onboarding or when their yearly requirement comes up.

You can configure Email Notification Settings under Personnel > Settings > Customization tab. Reminders can be set to daily, weekly, or biweekly and the system will automatically send reminder emails to all personnel to complete any incomplete or annual tasks.

Automate evidence collection for version control vendors

SOC 2 covers the software development lifecycle and how a company tracks and manages changes to software code is a key part of the process. Version control apps are often used by companies to manage code changes, which makes them a key source of evidence in a compliance report.

Secureframe integrates with the most popular version control applications, including Github, Gitlab, Bitbucket, and Azure DevOps. Check out the full list of integrations here.

We continuously update these integrations to speed up the evidence collection process. We recently updated the Github and Azure DevOps integrations to automate even more compliance checks and evidence collection for five additional requirements each.

Interested in learning how Secureframe can help make your compliance process seamless?

We make rigorous security compliance easy and accessible for companies of any size. If you’re interested in learning more about our platform and team of compliance experts, then schedule a demo today.