SOC (Service Organization Control) 2 Type II is a widely recognized auditing standard, developed by the American Institute of Certified Public Accountants (AICPA), that focuses on a service organization's controls related to security, availability, processing integrity, confidentiality, and privacy. Achieving SOC 2 Type II compliance for cloud infrastructure requires a comprehensive approach that includes implementing various controls, processes, and policies. The tables below map the relevant SOC 2 common criteria to the Teleport capabilities that support them.
## Logical & Physical Access (CC6)

| Control Name | ID | Teleport Capability |
|---|---|---|
| Restricts Logical Access | CC6.1 | Teleport Enterprise supports robust Role-based Access Controls (RBAC) to: |
| Identifies and Authenticates Users | CC6.1 | Teleport provides role-based access controls (RBAC) using short-lived certificates, integrated with your existing identity management service. Connecting locally or remotely is just as easy. |
| Considers Network Segmentation | CC6.1 | Teleport enables BeyondCorp-style Zero Trust network segmentation. Teleport connects to nodes behind firewalls or creates reverse tunnels to a proxy server. |
| Manages Points of Access | CC6.1 | |
| Restricts Access to Information Assets | CC6.1 | Teleport uses certificates to grant access and to create access control rules. |
| Manages Identification and Authentication | CC6.1 | Teleport makes setting policies for SSH requirements and other protocols easy, since it works in the cloud and on-premises with the same authentication security standards. |
| Manages Credentials for Infrastructure and Software | CC6.1 | |
| Uses Encryption to Protect Data | CC6.1 | Teleport audit logs can use DynamoDB encryption at rest. |
| Protects Encryption Keys | CC6.1 | Teleport acts as a Certificate Authority to issue SSH and X.509 user certificates that are signed by the CA and are (by default) short-lived. |
| Controls Access Credentials to Protected Assets | CC6.2 | |
| Removes Access to Protected Assets When Appropriate | CC6.2 | |
| Reviews Appropriateness of Access Credentials | CC6.2 | Teleport maintains a live list of all nodes within a cluster. This node list can be queried at any time by users (who see only the subset they have access to) and by administrators. |
| Creates or Modifies Access to Protected Information Assets | CC6.3 | Build approval workflows to get authorization from asset owners. |
| Removes Access to Protected Information Assets | CC6.3 | Teleport uses temporary credentials and can be integrated with your version control system or even your HR system to revoke access with the Workflow API. |
| Uses Role-Based Access Controls | CC6.3 | |
| Reviews Access Roles and Rules | CC6.3 | Teleport maintains a live list of all nodes within a cluster. This node list can be queried at any time by users (who see only the subset they have access to) and by administrators. |
| Restricts Access | CC6.6 | Teleport makes it easy to restrict access to common ports like 21 and 22 and instead have users tunnel to the server through Teleport. Teleport uses the following default ports. |
| Protects Identification and Authentication Credentials | CC6.6 | Teleport protects credentials outside your network, allowing for a Zero Trust network architecture. |
| Requires Additional Authentication or Credentials | CC6.6 | |
| Implements Boundary Protection Systems | CC6.6 | Teleport offers a trusted clusters concept to manage trust across arbitrary infrastructure boundaries. |
| Uses Encryption Technologies or Secure Communication Channels to Protect Data | CC6.7 | Teleport has strong encryption, including a FedRAMP-compliant FIPS mode. |
## System Operations (CC7)

| Control Name | ID | Teleport Capability |
|---|---|---|
| Implements Detection Policies, Procedures, and Tools | CC7.2 | Teleport creates detailed SSH audit logs with metadata. Use Enhanced Session Recording to catch malicious program execution. |
| Designs Detection Measures | CC7.2 | |
| Communicates and Reviews Detected Security Events | CC7.3 | Use session recording to replay and review suspicious sessions. |
| Develops and Implements Procedures to Analyze Security Incidents | CC7.3 | |
| Contains Security Incidents | CC7.4 | Use Teleport to quickly revoke access and contain an active incident. Use shared sessions so multiple on-call engineers can collaborate and fight fires together. |
| Ends Threats Posed by Security Incidents | CC7.4 | Use Teleport to quickly revoke access and contain an active incident. |
| Obtains Understanding of Nature of Incident and Determines Containment Strategy | CC7.4 | |
| Evaluates the Effectiveness of Incident Response | CC7.4 | |
| Periodically Evaluates Incidents | CC7.4 | Use session recording and audit logs to find patterns that lead to incidents. |
| Determines Root Cause of the Event | CC7.5 | |
| Improves Response and Recovery Procedures | CC7.5 | Replay session recordings at your after-action review or postmortem meetings. |
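As an added illustration (not from the Teleport documentation) of how the CC6.1/CC6.3 access controls and the CC7.2 Enhanced Session Recording capability above translate into a Teleport role resource, the following compares an overly permissive role with a least-privilege one. The role names, the `env` label and its values, and the `prod-access` requestable role are assumptions for this example.

```yaml
# Added example, not the project's own configuration.
# First role: overly permissive. Avoid this shape in a SOC 2 environment.
kind: role
version: v5
metadata:
  name: dev-broad                 # assumed name
spec:
  options:
    max_session_ttl: 30h          # long-lived certificate; weakens CC6.1 credential control
  allow:
    logins: ['root', '{{internal.logins}}']   # shared root login defeats user attribution
    node_labels:
      '*': '*'                    # matches every node, including production
---
# Second role: least privilege, mapped to the controls in the tables above.
kind: role
version: v5
metadata:
  name: dev-least-privilege       # assumed name
spec:
  options:
    max_session_ttl: 8h           # CC6.1: short-lived certificate, re-issued at next login
    enhanced_recording: ['command', 'network']   # CC7.2: kernel-level command/network audit events
  allow:
    logins: ['{{internal.logins}}']   # CC6.3: only the OS logins assigned to this user
    node_labels:
      'env': ['dev', 'staging']   # CC6.1: segmentation by label; anything else is implicitly denied
    request:
      roles: ['prod-access']      # CC6.3: production is reached only via an approval workflow
      thresholds:
        - approve: 2              # two reviewers must approve the access request
          deny: 1                 # a single denial rejects it
```

Load both with `tctl create -f` and assign users the second role only; with the second role, reaching a node labelled `env: prod` requires an approved access request, which is itself recorded in the audit log.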