In 2021, Kolide went through the SOC 2 Type 1 audit, and they found out just how challenging it can be to prove compliance to a third-party auditor. They also learned firsthand something their customers had been telling them for a while: that they couldn’t have gotten their SOC certification without using their own product.
That product is Kolide, an endpoint security solution for Mac, Windows, and Linux devices. Kolide gives IT admins a single dashboard, through which you can prove that your fleet has the security measures that auditors care about.
With Kolide, you can instantly see whether:
- Firewalls and screen lock are enabled
- Operating systems are up-to-date
- Password managers are installed
Kolide also provides visibility into nuanced issues that MDMs can’t address, like whether developers have unencrypted SSH keys or plaintext 2FA backup codes.
Moreover, Kolide balances this visibility with respect for user privacy and autonomy. Users can visit the Privacy Center to see what device data is being collected and why. And when Kolide detects a vulnerability on a user’s device, it reaches out via Slack to notify them of the problem and provides step-by-step instructions on how to solve it.
Kolide has helped hundreds of customers achieve compliance for SOC 2, ISO 27001, or their own internal security goals. And they’ve done so in ways that go beyond “checking the boxes” and actually increase transparency and collaboration between IT and end users.
If you want to know how you can get compliant without compromising your values, then we want to talk to you.
Our thanks to Kolide for its support of MacStories this week.