Blog
December 15, 2020
Jeff Lesser

Compliance automation improvements and IaaS integrations

Today we’re proud to announce the addition of improvements to our compliance automation functionality for all integrations as well as new infrastructure-as-a-service integrations to Comply. These are two major new features that improve the intelligent automations available. 

Comply’s integrations (such as Okta, JAMF, GitHub, and more) have always helped customers automatically maintain asset inventories, collect evidence, and perform user access reviews. With the new automated issue detection feature, integrations are even more intelligent so compliance managers can continuously monitor controls and remediate detected issues with simple, user-friendly workflows.

Also new is automated compliance for IaaS. Starting with direct integrations to AWS services such as IAM, RDS, S3, and EC2, companies building in the cloud can manage compliance more easily through powerful automations. 

Automated Compliance for AWS

Companies like Data Republic have used Comply’s suite of automations, including AWS, to complete their audit in half the amount of time expected! Comply provides integrations to enable compliance automation for the foundational AWS services that most companies use including IAM, RDS, and EC2. This enables Comply to automatically check the following items:

  • Password Policy
  • Multi-factor Authentication
  • Database Backups Enabled
  • Database Encryption
  • Database Key Status
  • Database Key Rotation
  • Database Key Age
  • Database Replica
  • Database In Transit Encryption
  • Hardware Isolation
  • Ingress Config
  • In Transit Encryption
  • Trusted Certificate
  • SSH Port

We plan on continued improvements including adding many more foundational services such as S3 in the next few weeks, followed by CloudTrail and CloudWatch as well as integrations with native security and compliance aggregation tools such as Security Hub and Config. We are also going to release similar integrations for GCP, Azure, and other cloud computing services. We’d love your feedback on how to make these integrations make your compliance management easier.

“Comply’s automations saved us weeks of time preparing for our audit, contributing to our ISO 27001 certification with zero non-conformances or opportunities for improvement. The AWS integration is a huge benefit, automatically populating our asset inventory, collecting evidence, identifying issues, and making it simple to resolve problems.”

- Richard Lane, Head of Security and Risk at Data Republic

Automated Issue Detection and Remediation

Compliance is the ongoing act of proving security; to be good at compliance is to be good at security. While audits may happen on regular intervals, compliance happens everyday. Now, by taking advantage of the new issue detection and remediation functionality compliance managers are able to use compliance to improve security. Comply makes it simple to monitor important services (such as AWS) at the control level to detect issues, get critical alerts, and ultimately resolve the issue. 

Automated Issue Detection

Our approach to integrations is to go deep not broad. The intelligent integrations in Comply just got smarter with enhanced logic enabling automations, alerts, and other workflows to detect and manage issues.

  • Tag-based automations: A new feature in Comply enables compliance managers to apply “tags” to assets through the user interface and integrations. Automations can then be applied only to assets matching a specific tag.
  • Status states: Automations now support a status state of “success” or “failure” so it’s easier to understand how automations are classifying data.   
  • Aggregated dashboard: Adding to the existing dashboards, there’s a new issue dashboard that makes it easy to see compliance posture.

Remediation

Identifying issues is only half of the problem, and now Comply helps you solve the other half; remediation. New functionality enables compliance managers to automate issue detection, workflows, and evidence collection, as well as track issues through to remediation.

  • Automated issue tracking: Comply will automatically resolve an issue if automations pull new data that proves it’s been fixed. Issues will stay open and easy to track until they are resolved (either manually or through automation).
  • Reminders: Comply will now remind team members to address their issues on a weekly basis.

Getting started

With today’s addition of the AWS integration and control monitoring and remediation functionality managing compliance has never been easier. 

  • There’s no action required to start using the issue detection and remediation functionality, just login and it’s there!
  • To securely enable the AWS integration, customers should create an AWS IAM user with read-only access and input those credentials into Comply, full details can be found on our documentation.

To learn more about the new AWS integration and automated issue detection and remediation functionality watch our on-demand webinar now!