Be sure to link as many of your connections to Vanta as possible before starting these tasks. You can connect your integrations using our in-product wizard on the connections page. Monitor management is a critical component of your continued security monitoring and of setting up for a smooth and easy audit.
The monitors will be separated by category, and each monitor will show who is assigned to it and its status.
For some quick wins for a successful audit, make sure the following monitors are enabled:
Turn on MFA for systems you’ve integrated with Vanta
- MFA on G Suite
*This monitor can take up to two days to pass after updating the setting
- MFA on infrastructure provider
- MFA on version control tool
Update your SSL configurations
- SSL certificate has not expired
- SSL configuration has no known issues
- SSL enforced on the company website
- Strong SSL/TLS ciphers used
Deny public SSH in your infrastructure resources
- Public SSH denied
Ensure the root account is not used
- Root infrastructure account unused
Add pull request templates and require code approval in your codebase
- Application changes reviewed
- Security impact considered in pull requests (GitHub)
Upload organization documentation
- Add job descriptions for key security roles
- Add a new hire contract
- Add your company organization chart
- Add a sample of an internal communication about a significant product change