Setting up Your Employee Security Program

Shannon DeLange
Shannon DeLange Idea generator Vanta Team Member Conversation starter
  • Updated

Are you new to Vanta and looking to get started? It is essential to ensure you begin your employees' onboarding process. The onboarding process ensures your team members complete the checklist items to maintain organizational compliance.

 

Configure your Groups

  •  The goal is to organize your employees based on either department, job functions, or "level of access."
  • Learn more about creating your groups here.

Configure & customize your Checklists settings

  • Groups are meant to be the best way to identify and organize your employees, and Checklists are where you assign security tasks to employees (they're different pages, both designed to work hand-in-hand)
  • You can create a specific checklist for people who don't touch sensitive data (such as customer data, production environment, HR/employee data, or ePHI) and scope down their required policies & security tasks.
  • You can always use the same checklist for multiple groups
  •  Feel free to preview the employee onboarding workflow (app.vanta.com/onboarding)
 If you're unsure what security tasks should be required for your groups, its a Security Best Practice to treat them as a FTE and hold them to the same standard. That way you're covering all your bases as a company, and ensuring the best security posture

Send out internal communication

  • Leverage Vanta's provided templates to give your employees more context
  • This gives your employees a precursor into what you're doing as a company to be secure & compliant, a brief intro to Vanta, and company-wide action items
  • We recommend sending this out as a company-wide email & in your Slack's #general channel
  • Also, it's important to assign a deadline. This way, you can follow up with specific teams/people managers.

Enable automated employee reminders on the Settings page

  • Vanta will automatically send out email reminders to your employees for their required security tasks - and you can set this to weekly or daily
  • We recommend using weekly at first, then switching to daily reminders as the deadline approaches
  • There is also a Vanta<>Slack integration that you can leverage for reminders, also found on the Settings page