Cloud One - Conformity platform best practice rules
Conformity ensures best practice of the usage of its own solution by checking the following rules
- Conformity API Keys Rotation (30 Days)
Ensure Conformity API keys are rotated on a periodic basis as a security best practice.
- Users signed in to Conformity from an approved country
Conformity user authentication from a non-approved country has been detected.
- Conformity user has signed in without MFA
Conformity user authentication without MFA has been detected.
- Monitor Conformity Configuration Changes
Rule administrative configuration changes have been detected within your Conformity account.
- Conformity Custom Policy Version
Ensure that AWS account is using the latest version of Conformity custom policy.
- Trend Micro Cloud One™ – Conformity Insufficient Access Permissions
Ensure that the Conformity Bot has all the permissions required to perform its latest checks.
- Enable Conformity Multi-Factor Authentication
Ensure Multi-Factor Authentication (MFA) is enabled for the Conformity account.