Override security policy status
Overview
Cloudneeti allows admin users to override the security policy status. After evaluating the risk associated with policy compliance, customers or auditors can decide to override a policy to meet internal governance needs. Options are available to indicate 3rd party compensating controls, to set time-bound exceptions, and to exclude policies. Overriding a policy status indicates that you have completed resolution; if done without caution, it might carry an inherent security risk. The new resolution status takes effect at the cloud account level across all benchmarks after the next successful cloud account scan.
Required roles
The following roles are required to override the security policy status.
- License Admin
- Account Admin
Override status options
One of the following statuses can be chosen to override the security policy status.
Pass – 3rd Party
Override a security policy to resolve its status to Pass – 3rd Party where compensating controls are available.
Pass – Manual override
A security policy can be reviewed using its audit procedure. If the resources' configurations are compliant, the user can set the override policy status to "Manual" and mark it Pass – Manual override. The user is advised to periodically review the compliance state of the resource configurations.
Pass – Time bound exception
If there is a need to exceptionally pass a policy, Pass – Time bound exception can be used with a time-bound date. The policy status will be overridden until the given date. Once the time-bound period is over, the next successful scan will show the policy's compliance status as per the scan results.
Exclude – Not applicable
Using Exclude – Not applicable as the overridden resolution status disables data collection at the security policy level.
Note: For bulk exclusion, use Security policies under configurations to exclude security policies at the global and account level.
Override security policy at a cloud account level
STEP 1: Navigate to the security policy details page
- Navigate to the Security policy page from the Benchmark Summary page
STEP 2: Override security policy at a cloud account level
- Click Override
- Select the new security policy status
- Add the new resolution notes for the security policy and resolve
- Check the success message
STEP 3: Scan cloud account or wait for a scheduled scan to happen
- Initiate a cloud account scan or wait for the next scheduled scan
- Check the success message
STEP 4: Verify overridden security policy status
- Verify the new resolution state for the security policy
Dashboards
The new resolution status will be effective from the next data collection cycle in all dashboards.
Compliance
The number of passed policies and the compliance percentage increase if overridden policies are resolved as passed.
Risk
The number of policies decreases if overridden policies are resolved as passed.
Asset Security
The related policy status is updated to Pass if overridden policies are resolved as passed.
UI (summary and details)
Summary
The new resolution status will be effective from the next data collection cycle in all benchmarks. The benchmark summary page changes as follows.
- Risk Matrix (based on ISO 27005) will show a decrease in the number of policies for overridden policies resolved as passed.
- Compliance posture will show an increase in passed policies and compliance percentage if overridden policies are resolved as passed.
- Policy Compliance Trend will show updates for overridden policies resolved as passed.
Policy Details
New resolution status will be effective from the next data collection cycle on the Policy details page. Details like Policy status with details (1), Resolution Note (2), Override Initiated by (3) will appear.
Reports
The new resolution status will be effective in reports from the next data collection cycle.
Audit Logs
Undo override security policy
- Navigate to the policy details page
- Click on Undo Override
- Confirm by clicking Yes Please
- A success message will appear
- Undoing the override makes the policy's scanned compliance status visible instead of the overridden status from the next data collection cycle.