SAS-70-SOC Compliance
Overview
The SAS-70-SOC (Service Organization Controls) reports, which were widely used by service organizations to provide independent assurance of their internal control design and effectiveness, have been replaced by new SOC report options.
Logcollect for SAS-70-SOC Compliance
Logcollect combines SIEM, log management, proactive threat hunting, and guided incident response to effectively meet SAS-70-SOC requirements. With comprehensive monitoring, analysis, and reporting capabilities, organizations can identify and manage their assets, establish access controls, protect resources, and respond promptly to incidents.
By leveraging Logcollect’s comprehensive capabilities in infrastructure implementation, logical access control, firewall and network security, and data protection, organizations can meet the requirements of the SOC 2 framework effectively. Logcollect’s commitment to compliance and security enables businesses to gain assurance and build trust with their stakeholders.
Using Logcollect to meet SAS-70-SOC Requirements
Infrastructure Implementation
Logcollect is capable of monitoring applications installed or uninstalled and patches applied on a system. Logcollect reports help to determine which applications have been installed or uninstalled.
Infrastructure Implementation – 9: The IT department monitors the system and assesses the system vulnerabilities using system utility software.
The Logcollect Vulnerability Module can be used for system vulnerability assessment and reports on all vulnerable systems in the environment. Logcollect analysis and reporting capabilities can be used to monitor the production environment and assess system vulnerabilities.
Infrastructure Implementation – 10: OS and application security events are captured in an event log and monitored; the logs are reviewed in the event of a suspected security breach.
Logcollect provides central and secure storage of all audit log data, and logs are retained on the storage for 10 years, depending upon the storage capacity of the device.
Logical Access
Logcollect monitors all logon, authorization and authentication activity on the system (successful or failed), and provides reports that help to determine who performed the activity, where and when.
Logical Access – 2: Management has established policy and procedures around User Account Management.
Logcollect collects all user account management activities. Logcollect reports provide easy and standard review of all user account management activity.
Logical Access – 3: User access is limited to the applications and related data for which they are authorized and approved.
Logcollect's monitoring capability can be used to detect changes (additions, deletions, modifications and permissions) to the file system. Logcollect analysis and reporting capabilities can be used for monitoring the changes. Logcollect alerting can be utilized to detect and notify on changes to specific configurations.
Logical Access – 5: Unique user IDs are assigned to individual users.
Logcollect provides complete auditing of user accounts and logons to analyze violations and prevent usage of the same ID by multiple persons (e.g. from different computers).
Logical Access – 6: New network access is reviewed and approved by the appropriate user manager; access to client data is approved by designated manager.
Logcollect can be used to detect and report on access granted to a new user. Logcollect helps to determine that network and system access has been granted to the user.
Logical Access – 7: System access for a user is terminated upon termination of the user’s affiliation.
Logcollect can be used to detect and report on revoked access for users. Logcollect helps to determine that network and system access has been revoked for the terminated user.
Logical Access – 8: Management performs an annual review of user accounts to ensure that user accounts are valid and assigned privileges are aligned with users’ functional roles.
Logcollect reports can be used for the annual review of user account validity and assigned functional roles.
Logical Access – 9: Firewalls are used and configured to prevent unauthorized access via public networks.
Logcollect is capable of monitoring all authorized or unauthorized access to the firewall system, with reports to determine who accessed the system. It is also capable of monitoring and reporting on any changes made to the firewall configuration, including firewall policy, firewall rules and profile changes. Logcollect email notification can be set to alert when unauthorized access has been made to a critical firewall system.
Logical Access – 12: Virus protection is in place to limit the possibility of disruptions that could compromise the security and confidentiality of client data.
Logcollect is capable of monitoring and reporting all activity from antivirus protection software.
Logical Access – 13: Transmission of sensitive data, its clients and its business partners is encrypted.
Logcollect is capable of monitoring and reporting all the activity done by an external flash drive.
