Skip to main content

Request SaaS Deployment

Contact Sales

ISO/IEC 27001 Compliance Solutions

Monitor insider activity. Detect anomalies. Respond to incidents. ALL-IN-ONE

Who needs to comply with ISO 27001?

Benefits of complying with ISO 27001

01

Implement the best cybersecurity measures

02

Validate data security effectiveness for customers and stakeholders

03

Prevent Data and reputational losses

04

Gain a competitive advantage

ISO 27001 major controls

A.5. Information security policies

A.6. Organization of information security

A.7. Human resource security

A.8. Asset management

A.9. Access control

A.10. Cryptography

A.11. Physical and environmental security

A.12. Operation security

A.13. Communications security

A.14. System acquisition, development and maitenance

A.15. Supplier relationships

A.16. Information security incident management

A.17. Information security aspects of business continuity management

A.18. Compliance

Ekran System can help your organization comply with ISO 27001 by providing you with tools for monitoring and logging user actions, managing access to sensitive resources, responding to security events, and auditing suspicious activity.

Also, Ekran System’s own quality management system and ISMS comply with ISO 9001 and ISO 27001.

Download White Paper

Implementing ISO 27001 controls with Ekran System

Become ISO 27001 compliant with Ekran System

Administrative safeguards

Organization of information security

Asset management

Access control

Operations security

Supplier relationships

Information security incident management

Technical safeguards

Role-based access control
Remote user monitoring

USB device management

Identity management and access control
Password management

User activity monitoring

Third-party vendor monitoring

Auditing and reporting

Organization of information security. Deploying Ekran System helps you establish a cybersecurity management framework. This platform provides you with the means to grant access privileges and monitor the activity of regular users, privileged users, and remote employees. By doing so, you’ll be able to meet the following requirements:

  • A.6.1.2. Segregation of duties
  • A.6.2.2. Teleworking

Asset management. You can detect, manage, manually or automatically approve, and block any connection of a USB device to an endpoint monitored with Ekran System. This functionality covers the following control:

  • A.8.3.1. Management of removable media

Ekran’s password management functionality securely handles user credentials and secrets, providing an additional level of access protection.

This set of access management tools helps you comply with such ISO 27001 requirements:

  • A.9.1.2. Access to networks and network services
  • A.9.2.3. Management of privileged access rights
  • A.9.2.4. Management of secret authentication information of users
  • A.9.2.5. Review of user access rights
  • A.9.2.6. Removal or adjustment of access rights
  • A.9.4.1. Information access restriction
  • A.9.4.2. Secure log-on procedures
  • A.9.4.3. Password management system

Operations security. User activity monitoring is one of the core functionalities of Ekran System. This solution monitors and logs each user action on protected endpoints and couples context-rich recordings with searchable metadata: names of opened files and folders, connected USB devices, accessed URLs, executed commands, etc. Monitoring data is protected with AES-256 encryption and is easy to review and analyze. All encryption algorithms use FIPS 140-2 certified encryption implementations. With this functionality, you can implement these controls:

  • A.12.1.2. Change management
  • A.12.4.1. Event logging
  • A.12.4.2. Protection of log information
  • A.12.4.3. Administrator and operator logs
  • A.12.7.1. Information systems audit controls

Supplier relationships. With Ekran System, you can monitor the activity of third-party vendors just as easily as the activity of your own employees. The software logs their activities, manages access, and controls privileges. Vendor actions can be reviewed online or in records. This functionality corresponds to the following control:

  • A.15.2.1. Monitoring and review of supplier services

Information security incident management. Being a full-cycle cybersecurity platform, Ekran System provides you with the means to detect and respond to cybersecurity incidents. You can assess suspicious user actions online, educate users on security violations, and block suspicious processes, sessions, or users. After an event, you can review and analyze logs, generate reports on the event, and export data for forensic investigation. Using Ekran System, you can implement these ISO 27001 security controls:

  • A.16.1.2. Reporting information security events
  • A.16.1.4. Assessment of and decision on information security events
  • A.16.1.5. Response to information security incidents
  • A.16.1.7. Collection of evidence
Download White Paper

Let’s get the conversation started

Contact our team to learn how our insider risk management software can safeguard your organization’s data from any risks caused by human factors. Book a call with us at a time that suits you best, and let’s explore how we can help you achieve your security goals.