Hello,
I am looking for some best practice recommendations for starting Policy Compliance. I am starting with the videos and will move onto the training on the product, however, I am looking for what current users of PC are doing and how they got started.
Here are some questions I have to start:
What are some types of processes you have with the platform teams?
What benchmarks are you using?
Are you customizing the benchmarks any?
Do you have different policies for the same OS?
How are you handing exceptions?
Reporting:
How are you reporting to the platform teams?
Are you empowering the platform teams to do any work in the PC module?
How are you setting up reporting for compliance levels at an InfoSec level?
What are the built-in reports like?
Thanks in advance
HI there.
I can tell you that the idea of Best practices in this space is not well documented. If you want to empower your teams you will want to make sure to set-up your business units so they can access all IP's from your subscription, or at least make sure you include all they should be able to manage. Do your homework on the business units and how they are able to manage them. Here is some things I didn't know prior to setting them up.
If you build a business unit you must assign an asset group. The asset group you assign will need to have all IP's for the assets you would like those unit managers to manage. A user in a business unit can not add a system to their BU for scanning if the IP does not exist in the Asset group you assign when you build the BU. I still struggle with some of my assets getting multiple policies because of the way i initially set-up the BU's.