The Dash Compliance Center is used to view, analyze, and take action on the issues that have been flagged within your cloud environment. Using Amazon Web Services SDKs and APIs, Dash performs a scan of your cloud environment on a daily basis. If the scan finds anything that should be addressed, Dash will create an issue to help you resolve the problem.
Compliance issues relate to HIPAA, SOC 2 and HITRUST technical safeguards (such as encryption and access control) and administrative safeguards (such as performing risk assessments and other reviews).
Here is an example of some potential issues as they would show up in your Compliance Center:
Filtering and Navigation
The right sidebar allows users to view and sort issues based on a number of filters:
- Issue Status – Users can view issues based on whether they are “Open Issues”, “Resolved Issues”, or “Ignored Issues”.
- Issue Priority – Users can view issues based on issue priority (sort by high, medium, or low).
- AWS Accounts – Organizations monitoring several AWS accounts in Dash ComplyOps can view issues for one or more specified AWS accounts.
- Source – Users can view issues based on the source of the issue finding (scan, policy, etc.).
- Service – Users can view issues based on the specific AWS cloud service (for example, issues related to S3, EC2, or RDS).
- My Issues – Users can view a list of all Compliance Center issues that are specifically assigned to them
- Remediation Available – Users can view a list of issues that have Dash automated remediations available
Users may click on any individual row or issue to view more information about the compliance concern and resolution. Individual issue pages may look like this:
In the Compliance Center Issue View users can find the following information:
- Compliance Standards – You will see how this issue relates to different compliance frameworks, namely HIPAA, SOC 2 and HITRUST and the applicable regulatory safeguards.
- Related Policies – Some issues are related to the policies found in the Policy Center. If there is a related policy, it is because there is a connection between the issue and one or more of the questions in the given policy. You can click the related policy to navigate to the Documents page for the given policy.
- Issue – This is a plain English description of what has been detected during the scan. It should provide service context and help you to pinpoint the issue.
- Recommendation – This is a suggestion on what should be done to bring this issue into compliance.
- Assignments – You can assign an issue to a specific team member or to yourself for future completion.
- Affected Objects – This space outlines the AWS resources that have been flagged for this particular issue.
  - You can resolve a specific affected object once you have made the change necessary.
  - You can see the resource ID as well as resource metadata for the given affected object.
- Issue Timeline – Shows events relative to the issue. Events include:
  - Issue Opened
  - Issue Resolved
  - Issue Assigned
- Event History – Shows all the times the issue was detected during a scan and how many affected objects were detected during each scan.
After identifying compliance issues in your cloud environment, your team can work to address these concerns across infrastructure. Teams can mark individual “Affected Objects” as done by clicking “Resolve Issue Item”. Additionally, once teams have resolved all affected objects, they can mark the entire issue as complete by clicking “Resolve Issue” in the top right.
Dash will continue to monitor your cloud environment and will validate that these issues are properly resolved or flag them again if they are still active.
Teams may see all current Resolved Issues by navigating to the Compliance Issues page and selecting “Resolved” under the Issue Status Filter. This list contains all recently resolved issues, as well as scans where no issues have been detected, which may be considered “non-issues” (validated scans).
When looking through identified compliance issues in your cloud environment, your team may sometimes find issues with specific “Affected Objects” that are not relevant to your security profile or contain risks your team is willing to accept. For example:
- Your team may find an identified issue related to a marketing website.
- You may have a specific reason for keeping a specific port open for an application in your environment.
In these cases, your team can open an individual “Affected Object” and ignore the finding by clicking “Ignore Issue Item”. Ignored issue items/objects will drop to the bottom of the issue list and appear more transparent. Your team can later open this issue item and click “Track Issue Item” if you would like to make the item visible again.