What are the steps for Employee onboarding in Vanta?

Rick Great answers Vanta Team Member

Step-by-step guide for Employee onboarding

This guide will walk you through how to set up the security tasks that you want your employees (end-users) to follow and complete in Vanta. We recommend having your policy stack in place before following the steps below (Policies are fully uploaded, approved, and ready for employees to read/accept).

  1. Configure your Groups
    The goal is to easily identify/organize your employees based on either department, job functions, or "level of access"
    *Pro tip - depending on the size of your company or how many employees you have, its typically best practice to keep your number of groups to under 5, so it's streamlined + easier to manage. If you ever need to expand your number of groups, its easier to add those in the future, as needed.

  2. Configure & customize your Checklists settings
    - Checklists are where you assign a “checklist of security tasks” to your designated Groups that you’ve just set up
    - You can create a specific checklist for people that don't touch any sensitive data (such as customer data, production environment, HR/employee data, or ePHI) and scope down their required policies & security tasks
    - You can always use the same checklist for multiple groups
    - Feel free to preview the employee onboarding workflow (app.vanta.com/onboarding)
    *Pro tip - if you're unsure what security tasks should be required for your groups, its a Security Best Practice to treat them as a FTE and hold them to the same standard. That way you're covering all your bases as a company, and ensuring the best security posture

  3. Send out an internal communication
    - Leverage Vanta's provided templates to give your employees more context on what to expect
    - The templates will have a precursor into what you're doing as a company to be secure & compliant, a brief intro to Vanta, and company-wide action items
    - We recommend sending this out as a company-wide email & in your Slack's #general channel
    - Also important to assign a deadline that way you can follow up with specific teams/people managers

  4. Provide more info/context on the Vanta Agent - (Optional)
    - If your company is on a BYOD policy - its typically helpful to give your employees more reassurance about installing/running the Vanta Agent on their machines
    - The Vanta Agent is an extremely lightweight app, that doesn't hinder computer performance. It also has limited read-only capabilities, designed to prove the computer is secure.
    - The agent does not read sensitive information like passwords, emails, or browsing history
    Additional resources: Overview of the Vanta Agent, In-depth article outlining what information the Agent queries

  5. Enable automated employee reminders on the Settings page
    - Vanta will automatically send out e-mail reminders to your employees for their required security tasks - and you can set this to "weekly" or "daily"
    - We recommend using "weekly" at first, then switching to "daily" reminders as the deadline approaches
    - There is also a Vanta<>Slack integration that you can leverage for reminders, also found on the Settings page

Comments

3 comments

  • Comment author
    Shannon Idea generator Vanta Team Member Conversation starter

    Rick this is so helpful! It's a huge step in the implementation of Vanta, and this makes the process so clear! 

    1
  • Comment author
    Rick Great answers Vanta Team Member

    Yay! Glad you found it helpful ◡̈ 

    0
  • Comment author
    Lucien Pinto Community Founding Member Conversation starter Idea generator

    Very nice and helpful !

    0

Please sign in to leave a comment.