Many thanks to the great folks at Kolide, who have sponsored my website for the past week.
In 2021, our company went through the SOC 2 Type 1 audit, and we found out just how challenging it can be to prove compliance to a third-party auditor. We also learned firsthand something our customers had been telling us for a while: that we couldn’t have gotten our SOC certification without using our own product.
That product is Kolide, an endpoint security solution for Mac, Windows, and Linux devices. Kolide gives IT admins a single dashboard, through which you can prove that your fleet has the security measures that auditors care about.
With Kolide, you can instantly see whether:
- Firewalls and screen lock are enabled
- Operating systems are up-to-date
- Password managers are installed
Kolide also provides visibility into nuanced issues that MDMs can’t address, like whether developers have unencrypted SSH keys or plaintext 2FA backup codes.
Moreover, Kolide balances this visibility with respect for user privacy and autonomy. Users can visit the Privacy Center to see what device data is being collected and why. And when Kolide detects a vulnerability on a user’s device, it reaches out via Slack to notify them of the problem and provides step-by-step instructions on how to solve it.
At Kolide, we’ve helped hundreds of customers achieve compliance – for SOC 2, ISO27001, or their own internal security goals. And we’ve done so in ways that go beyond “checking the boxes” and actually increase transparency and collaboration between IT and end users.
If you want to know how you can get compliant without compromising your values, then we want to talk to you.
If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.