ISO 27001 Compliance
Achieving ISO 27001 compliance can be challenging for small and medium-sized companies, as they have limited resources. Yet it is possible to accelerate ISO 27001 compliance by simplifying and automating many of the security controls for threat detection and compliance. SQ1Shield delivers the essential capabilities to demonstrate ISO 27001 compliance and be ready for audit with greater confidence.
Be Secure. Be Compliant.
Customized assessments of your IT landscape (on-premises network and cloud) to identify the security controls that are necessary to meet ISO 27001 compliance.
Locate gaps that exist between your current security posture and the requirements.
SQ1Shield helps you confront your ISO 27001 compliance gaps so that risks can be prioritized and addressed.
SQ1Shield's built-in ISO 27001 reports help you report easily on security controls.
Customize the reports to meet your business requirements and stay compliant.
SQ1Shield & ISO 27001 – Fulfil Compliance Requirements with SQ1Shield
| ISO 27001 Control Objective | ISO 27001 Control | SQ1Shield Coverage |
|---|---|---|
| A5 Information Security Policy | A 5.1.1 – Policies for Information Security | Policy Management helps you establish policies, update them, and circulate them among your employees. |
| A6 Organization of Information Security | A6.2.1 – Mobile Device Policy | Identify and monitor all mobile devices that have access to the network. |
| | A6.2.2 – Teleworking | Remote access monitoring. |
| A7 Human Resource Security | A.7.2.2 – Information Security Awareness education and training | Security reminders – automated updates of threat intelligence and security awareness shared through the policy management portal. |
| | A7.3.1 – Termination or Change of employment responsibilities | Monitor and alert on logons by de-provisioned users. |
| A8 Asset Management | A.8.1.1 – Inventory of Assets | Asset Discovery – identifies all the devices in the network, including firewalls and routers. |
| | A.8.3.2 – Disposal of media | Media destruction procedures are established and stored; update them and circulate them among your employees. |
| A9 Access Control | A.9.1.1 – Access Control Policy | Policy Management helps you establish policies, update them, and circulate them among your employees. |
| | A.9.2.2 – User Access Provisioning | Monitor and log the provisioning and de-provisioning of user accounts on endpoints, in Office 365 (Azure Active Directory), and in G Suite. |
| | A9.2.3 – Management of Privileged access rights | Monitor and log successful and failed logon events to assets across your on-premises and cloud environments. |
| | A9.2.6 – Removal or adjustment of access rights | Monitor and alert on logons by de-provisioned users. |
| A11 Physical and Environmental Security | A11.1.2 – Physical entry controls | Perimeter access control device assessment and monitoring. |
| | A11.1.3 – Securing offices, rooms and facilities | Endpoint Detection and Response – secure all workstations. |
| | A11.1.4 – Protecting against external and environmental threats | Guest access procedures are established and stored; update them and circulate them among your employees. |
| | A11.2.7 – Secure disposal or reuse of equipment | Media destruction procedures are established and stored; update them and circulate them among your employees. |
| A12 Operational Security | A12.1.1 – Documented Operating Procedures | Policy Management – review and update all policy and procedure documents within the portal. |
| | A12.1.2 – Change Management | Monitor and alert on configuration changes within your network. |
| | A12.2.1 – Controls against malware | Identify malware-based IoCs, and orchestrate manual and automated actions to isolate infected systems and block malicious domains. |
| | A12.3.1 – Information Backup | Review and test the data backup and recommend remedial measures. |
| | A12.4.1 – Event Logging | Aggregate logs and events from systems, applications, and devices from across your on-premises and cloud environments. Monitor access to, and attempts to modify, system and application binaries, configuration files, and log files. Monitor user access to your cloud environment. |
| | A12.4.2 – Protection of log information | Monitor access to, and attempts to modify, system and application binaries, configuration files, and log files. File Integrity Monitoring can detect modification attempts to applications or online storage containing critical data. |
| | A12.4.3 – Administrator and Operator logs | Monitor and log successful and failed logon events to assets across your on-premises and cloud environments. Monitor user and administrator activities, including access and modification of files and content, in on-premises and cloud-hosted assets. |
| | A12.4.4 – Clock Synchronization | Monitor and alarm on events that could indicate issues with, or attempts to disable, clock synchronization. |
| | A12.6.1 – Management of Technical vulnerabilities | Perform vulnerability assessments on all networks, applications, and wireless, including AWS or Azure. The threat intelligence feed ensures that SQ1Shield operates with the latest correlation directives and threat signatures and provides guided remediation. |
| 13. Communications Security | 13.1 – Network Controls | Monitor and correlate events gathered from network traffic (network IDS, cloud IDS) and network devices (routers, switches, firewalls, and more) to identify anomalous network traffic, such as communication to a known malicious server. Classify threats across a kill-chain taxonomy to inform the risk level of that threat. Monitor public and dark web sources for the trade or communication of stolen credentials. |
| | A13.2.3 – Electronic messaging | Monitors for phishing or malware attacks against email services, including Office 365 and G Suite. |
| A14 System acquisition, development and maintenance | A14.1.2 – Securing application services on public networks | Monitor and alarm on Group Policy errors, which could indicate attempts to disable local security services and introduce misconfigurations that compromise asset integrity and security. |
| | A14.1.3 – Protecting application services transactions | Monitor and correlate events gathered from network traffic (network IDS, cloud IDS) and network devices (routers, switches, firewalls, and more) to identify anomalous network traffic, such as communication of transactions and data to a known malicious server. |
| | A14.2.8 – Systems security testing | Perform application vulnerability testing during the SDLC process. |
| | A14.3.1 – Protection of test data | Review and test the data storage and backup and recommend remedial measures. |
| A15 Supplier relationships | A15.1.2 – Addressing security within supplier agreements | Vendor Risk Management – perform third-party risk assessments and monitor the risks in third parties that have access to ePHI. |
| | A15.2.1 – Monitoring and review of supplier services | Perform vulnerability assessments on the vendor network and remediate. |
| A16 Information security incident management | A16.1.2 – Reporting information security events | SQ1Shield enables monitoring and review of alarms, events, and reports. Built-in notification capabilities enable analysts to be alerted to alarms through email and SMS. |
| | A16.1.4 – Assessment of and decisions on information security events | Uses threat intelligence and correlation capabilities to detect threats, analyze them, and respond swiftly. |
| | A16.1.5 – Response to information security incidents | Uses security orchestration and playbooks to provide automated response to incidents. |
| | A16.1.6 – Learning from information security incidents | Provides forensic analysis of incidents to ensure that such breaches do not recur. |
| | A16.1.7 – Collection of evidence | Aggregates events and log data from across your on-premises and cloud environments. |
| A17 Information security aspects of business continuity management | A17.1.2 – Implementing Information security continuity | Review the contingency plan in place and recommend remedial measures. |
| A18 Compliance | A18.1.3 – Protection of data | Review and test the data storage and backup and recommend remedial measures. |