Override security policy status
Cloudneeti allows admin users to override the security policy status. After an evaluation of a risk associated to policy compliance, Customers/Auditors can decide on overriding the policy to meet the internal governance needs. Various options to indicate 3rd party compensating controls, time-bound exceptions to exclude policies are available. Overriding policy status indicates that you have completed resolution and if done without caution, it might carry an inherent security risk. New resolution status will be effective at the cloud account level across all benchmarks post next successful Cloud account scan.
Following roles are required to override the security policy status. - License Admin - Account Admin
Override status options
One of the below status can be chosen to override the security policy status
Pass – 3rd Party
Override a security policy to resolve status to Pass – 3rd Party where there are compensating controls available.
Pass – Manual override
Security policy can be reviewed using audit procedure and if resources' configurations are compliant, user can mark override policy status "Manual" and mark it Pass – Manual override. User is advised to periodically review resource configurations compliance state.
Pass – Time bound exception
If there is a need to exceptionally pass a policy, Pass – Time bound exception can be used with a time bound date. Policy status will be overridden until the given date. Once the time bound period is over, next successful scan will show policy status compliance as per scan results.
Exclude – Not applicable
Disables data collection at a security policy level, if used Exclude – Not applicable as overridden resolution status.
Note: For bulk exclusion use Security policies under configurations to exclude security policies at the global and account level.
Override security policy at a cloud account level
STEP 1: Navigate to security policy details page
Navigate to Security policy page from Benchmark Summary page
STEP 2: Override security policy at a cloud account level
Select new security policy status
Add security policy new resolution notes and resolve
Check success message
STEP 3: Scan cloud account or wait for a scheduled scan to happen
Initiate cloud account scan or wait for next scheduled scan
Check success message
STEP 4: Verify overridden security policy status
Verify new resolution state for security policy
New resolution status will be effective from the next data collection cycle in all dashboards.
Increase in the number of passed policies and compliance percentage if polcies overridden resolved as passed.
Decrease in the number of policies if policies overridden resolved as passed.
Related policy status is updated to Pass if policies overridden resolved as passed.
UI (summary and details)
New resolution status will be effective from the next data collection cycle in all benchmarks. Please find below benchmark summary page.
Risk Matrix (based on ISO 27005) will have a decrease in the number of policies overridden resolved as passed.
Compliance posture will increase the passed policies and compliance percentage if policies overridden resolved as passed.
Policy Compliance Trend will show updates policies overridden resolved as passed.
New resolution status will be effective from the next data collection cycle on the Policy details page. Details like Policy status with details (1), Resolution Note (2), Override Initiated by (3) will appear.
New resolution status will be effective in reports from the next data collection cycle.
Undo override security policy
Navigate to policy details page
Click on Undo Override
Confirm by clicking Yes Please
A success message will appear
The undone resolution makes policy scanned compliance status visible instead of overridden status from the next data collection cycle.