Compliance

Streamlining SOC 2 Compliance

Easily implement access controls required to ace your SOC 2 audit

SOC (Service Organization Control) 2 Type II is a widely recognized auditing standard, developed by the American Institute of Certified Public Accountants (AICPA),that focuses on a service organization's controls related to security, availability, processing integrity, confidentiality, and privacy. Achieving SOC 2 Type II compliance for cloud infrastructure requires a comprehensive approach that includes implementing various controls, processes, and policies.

Need SOC 2 Help?

Get in touch

Teleport Features for SOC 2 Controls

Logical & Physical Access (CC6)
Control Name	ID	Teleport Capability
Restricts Logical Access	CC6.1	Teleport Enterprise supports robust Role-based Access Controls (RBAC) to: Control which SSH nodes a user can or cannot access. Control cluster level configuration (session recording, configuration, etc.) Control which UNIX logins a user is allowed to use when logging into a server.
Identifies and Authenticates Users	CC6.1	Teleport provides role-based access controls (RBAC) using short-lived certificates, integrated with your existing identity management service. Connecting locally or remotely is just as easy.
Considers Network Segmentation	CC6.1	Teleport enables Beyond Corp, Zero Trust network segmentation Teleport connects to nodes behind firewalls or creates reverse tunnels to a proxy server
Manages Points of Access	CC6.1	Label Nodes to inventory and create rules Create Labels from AWS Tags Teleport maintains a live list of all nodes within a cluster. This node list can be queried by users (who see a subset they have access to) and administrators any time.
Restricts Access to Information Assets	CC6.1	Teleport uses certificates to grant access and create access control rules
Manages Identification and Authentication	CC6.1	Teleport makes setting policies for SSH requirements and other protocols easy since it works in the cloud and on premise with the same authentication security standards.
Manages Credentials for Infrastructure and Software	CC6.1	Invite nodes to your cluster with short lived tokens.
Uses Encryption to Protect Data	CC6.1	Teleport Audit logs can use DynamoDB encryption at rest.
Protects Encryption Keys	CC6.1	Teleport acts as a Certificate Authority to issue SSH and x509 user certificates that are signed by the CA and are (by default) short-lived.
Controls Access Credentials to Protected Assets	CC6.2	Request Approval from the command line Build Approval Workflows Send approvals to tools like Slack or Jira
Removes Access to Protected Assets When Appropriate	CC6.2	Teleport issues temporary credentials based on an employees role and are revoked upon job change, termination or end of a maintenance window
Reviews Appropriateness of Access Credentials	CC6.2	Teleport maintains a live list of all nodes within a cluster. This node list can be queried by users (who see a subset they have access to) and administrators any time.
Creates or Modifies Access to Protected Information Assets	CC6.3	Build Approval Workflows to get authorization from asset owners.
Removes Access to Protected Information Assets	CC6.3	Teleport uses temporary credentials and can be integrated with your version control system or even your HR system to revoke access with the Workflow API
Uses Role-Based Access Controls	CC6.3	Role based access control ("RBAC") allows Teleport administrators to grant granular access permissions to users.
Reviews Access Roles and Rules	CC6.3	Teleport maintains a live list of all nodes within a cluster. This node list can be queried by users (who see a subset they have access to) and administrators any time.
Restricts Access	CC6.6	Teleport makes it easy to restrict access to common ports like 21, 22 and instead have users tunnel to the server using Teleport. Teleport uses the following default ports.
Protects Identification and Authentication Credentials	CC6.6	Teleport protects credentials outside your network allowing for Zero Trust network architecture
Requires Additional Authentication or Credentials	CC6.6	Teleport can manage MFA with TOTP or U2F Standards or connect to your Identity Provider using SAML, OAUTH or OIDC.
Implements Boundary Protection Systems	CC6.6	Teleport offers a trusted clusters concept to manage trust across arbitrary infrastructure boundaries.
Uses Encryption Technologies or Secure Communication Channels to Protect Data	CC6.7	Teleport has strong encryption including a FedRAMP compliant FIPS mode.

System Operations (CC7)
Control Name	ID	Teleport Capability
Implements Detection Policies, Procedures, and Tools	CC7.2	Teleport creates detailed SSH Audit Logs with Metadata Use Enhanced Session Recording to catch malicious program execution
Designs Detection Measures	CC7.2	Use Enhanced Session Recording to catch malicious program execution, capture TCP connections and log programs accessing files on the system the should not be accessing.
Communicates and Reviews Detected Security Events	CC7.3	Use Session recording to replay and review suspicious sessions.
Develops and Implements Procedures to Analyze Security Incidents	CC7.3	Analyze detailed logs and replay recorded sessions to determine impact. See exactly what files were accessed during an incident.
Contains Security Incidents	CC7.4	Use Teleport to quickly revoke access and contain an active incident. Use Shared Sessions so Multiple On-Call Engineers can collaborate and fight fires together.
Ends Threats Posed by Security Incidents	CC7.4	Use Teleport to quickly revoke access and contain an active incident.
Obtains Understanding of Nature of Incident and Determines Containment Strategy	CC7.4	Use Teleport's Session Recording and Replay along with logs to understand what actions led to an incident.
Evaluates the Effectiveness of Incident Response	CC7.4	Use audit logs and session recordings to find pain points in your incident response plan and improve effectiveness.
Periodically Evaluates Incidents	CC7.4	Use Session recording and audit logs to find patterns that lead to incidents.
Determines Root Cause of the Event	CC7.5	Use Session recording and audit logs to find root cause.
Improves Response and Recovery Procedures	CC7.5	Replay Session recordings at your 'after action review' or postmortem meetings.

Additional Resources

Blog Post

The NIS2 Directive is Here. What Happens Next?

Read Now

Webinar

2024 Secure Infrastructure Access Report: Key Insights and Trends

Webinar Registration

Webinar

Navigating Access Challenges in Kubernetes-Based Infrastructure

Watch On Demand

Ready to get started?

Delight your engineers. Protect your infrastructure.

Try Teleport Free Let's Talk!

Teleport for AI Infrastructure

Teleport for Access & Governance

Teleport for Identity Security

Industries

Featured Resource

Compliance

Featured Resource

Strategic Partners

Featured AWS Webinar

Read

Experience

Discover

Featured Blog Post

Company

Explore

Featured Webinar

Teleport Partners

From Our Partners