Why do I need to monitor vendor access?
SOC 2 and ISO 27001 require companies to monitor and track the level of access each employee has to various systems. The Vendor Access page allows you to easily monitor and review your team's user accounts continuously.
How does it work?
- The Filter function can be used to show which employees have specific criteria enabled such as Two Factor Authentication, Single Sign On, Privileged, and their Active state.
- Select Vendor is a drop-down that can be used to show the list of users who have access to a specific vendor.
- Secureframe Admins can use the information on Vendor Access to remind their employees to set up 2FA and remove any unnecessary permissions to stay compliant.
- When off-boarding an employee, you'll want to make sure all their accounts have been deactivated with 24 hours of termination.
- When performing an access review, you'll want to deactivate or remove any unused accounts.