Compliance Standards


You can find this module at the Global and Company levels.

Compliance Standards refer to policies, rules, regulations, and guidelines that information technology (IT) organizations must follow to meet specific security, privacy, and operational requirements.

Regulatory bodies, industry organizations, or government agencies often establish these standards to promote best practices and protect sensitive information.

Adhering to compliance standards helps organizations mitigate risks, enhance cybersecurity, and maintain the trust of customers and stakeholders.

The following compliance standards are supported.

  • CIS

  • CYBER ESSENTIALS

  • ESSENTIAL EIGHT

  • GDPR

  • GPG 13

  • HIPAA

  • ISO 27002

  • NIST 800 53

  • NIST 800 171

  • NIST CSF 2.0

  • PCI-DSS

Compliance scans must be enabled for this data to populate; check the Company or Global Settings under Compliance Type to turn the standards on/off.


How To: Run A Compliance Scan


Visit our YouTube Channel for more video content: https://www.youtube.com/@connectsecure




Compliance Standards - Details

Access the Compliance Standards from the Compliance category.


This is a global view of how assets meet or fail compliance requirements and configuration checks.

The table defaults to the CIS Compliance Type, the Windows Server Platform, and all Maturity Levels.

This view shows how assets meet or fail compliance requirements and configuration checks.

The green tile counts will indicate passes.

Fails will be indicated by the red tiles.


You can switch between different Compliance Types, Platforms, and Maturity Levels to meet your needs and clients' compliance requirements.


You can tap on any tiles listed under Compliant, Non-Compliant, Manual Compliant, Manual Non-Compliant, Company, or Asset to see the details in the right-side Compliant pod (2).


| Column Label | General Use / Description |
|---|---|
| Section | Displays specific section details from the selected Compliance Type. |
| Compliant | Displays the count of compliant controls by Compliance ID for the selected Compliance Type. |
| Non Compliant | Displays the count of non-compliant controls by Compliance ID for the selected Compliance Type. |
| Manual Compliant | Displays the count of manual compliant controls by Compliance ID for the selected Compliance Type. |
| Manual Non-Compliant | Displays the count of manual non-compliant controls by Compliance ID for the selected Compliance Type. |
| Company | Displays the number of companies that are affected. |
| Asset | Displays the number of assets that are affected. |

Manual Compliant and Manual Non-Compliant controls must be verified manually and generally have some type of uploaded evidence.

| Column Label | General Use / Description |
|---|---|
| Compliance ID | Displays the ConnectSecure issued ID to reference a specific compliance type check. Tap to see the Compliance Check Details. |
| Sub Section | Displays the name of the sub-section from the selected Compliance Type. |
| Description | Displays the detailed description of the specific Compliance ID. |
| Assets | Displays the count of Assets affected by the selected Compliance ID. Tap the count to see the list of assets. |

Remediation Options

GPO and WMI Filters

ConnectSecure offers remediation for the CIS controls: tap the GPO and WMI Filters download button to get the remediation package. These downloads are limited to CIS standards.

Compliance Remediation Script Disclaimer

This PowerShell script is intended for the purpose of automating compliance remediation tasks within your organization's IT infrastructure. By executing this script, you acknowledge and agree to the following:

  1. The purpose of this script is to bring systems or configurations into compliance with established organizational policies and standards.

  2. While every effort has been made to ensure the script's accuracy and safety, it is provided "as is" without any warranties or guarantees of any kind.

  3. The author(s) of this script shall not be held liable for any unintended consequences, data loss, or disruptions that may occur as a result of running this script.

  4. You should thoroughly review and understand the functionality of this script and its potential impact on your systems and network environment before executing it.

  5. You are responsible for taking appropriate precautions, including creating backups and verifying the script's behavior in a non-production environment before deploying it in a production setting.

  6. This script may make changes to system settings, configurations, or data. Ensure you have proper authorization and adhere to your organization's change control processes and policies when using this script.

  7. It is advisable to consult with your organization's compliance and security teams, as well as seek appropriate approvals, before running this script in a production environment.

By proceeding with the execution of this script, you confirm that you have read and understood this disclaimer, and you accept full responsibility for its use. If you do not agree with these terms or are unsure about the script's effects, do not proceed with its execution.

You must tap ‘I Agree’ on the Compliance Remediation Script Disclaimer, and then a ZIP file will be downloaded to your default download location.

The downloaded folder should contain separate folders for MAC and Windows-based objects.

Open Group Policy Management on the Domain Controller.

Right-click on the Domain and link both the GPOs to the domain.

If you would like to apply the GPO only to specific users and computers, click Object Types and check Computers. In the "Enter the object name to select" field, select the computer name. For users, add only the required users.

If you want to apply this GPO only to machines running a specific OS, you should also apply the WMI Filter to that Group Policy Object.

Follow the same for both User and Computer GPOs.

On the domain-joined machine, execute gpupdate /Force in PowerShell as Administrator.

To check which group policies were applied, run gpresult /r.

Install a ConnectSecure agent on the machine with the GPO applied and run a scan.

Check the results; the policies will be remediated. 
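The linking and verification steps above can also be scripted. This is an added example, not ConnectSecure's own script: the GPO names are placeholders, the function names are hypothetical, and the check assumes English-language gpresult output.

```powershell
# Added example. Replace the placeholders with the names of the two GPOs
# (Computer and User) as they appear in Group Policy Management.
$GpoNames = @('<Computer GPO name>', '<User GPO name>')

function Add-ComplianceGpoLink {
    # Run on the Domain Controller. $Target defaults to the domain root, as in
    # the steps above; pass an OU distinguished name to trial the GPOs on a
    # non-production OU first.
    param(
        [string[]]$Names,
        [string]$Target = (Get-ADDomain).DistinguishedName
    )
    Import-Module GroupPolicy -ErrorAction Stop
    $linked = (Get-GPInheritance -Target $Target).GpoLinks.DisplayName
    foreach ($name in $Names) {
        $gpo = Get-GPO -Name $name -ErrorAction Stop   # stops if the GPO is missing
        if ($linked -contains $gpo.DisplayName) {
            Write-Output "Already linked: $name"
        } else {
            New-GPLink -Guid $gpo.Id -Target $Target -LinkEnabled Yes | Out-Null
            Write-Output "Linked: $name -> $Target"
        }
    }
}

function Test-ComplianceGpoApplied {
    # Run elevated on the domain-joined machine once the links are in place.
    param([string[]]$Names)
    gpupdate /force | Out-Null
    $text = (gpresult /r) -join "`n"
    # Keep only names listed under "Applied Group Policy Objects". GPOs that
    # were filtered out (for example by the WMI filter) appear in a later
    # block and must not count as applied.
    $pattern = '(?s)Applied Group Policy Objects\s+-+\s*?\n(.*?)\n\s*\n'
    $applied = [regex]::Matches($text, $pattern) |
        ForEach-Object { $_.Groups[1].Value -split "`n" } |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ }
    foreach ($name in $Names) {
        [pscustomobject]@{ Gpo = $name; Applied = ($applied -contains $name) }
    }
}

# On the Domain Controller:       Add-ComplianceGpoLink -Names $GpoNames
# On the domain-joined machine:   Test-ComplianceGpoApplied -Names $GpoNames
```

A GPO that reports Applied = False after gpupdate is usually excluded by security filtering or the WMI filter; the "filtered out" block of gpresult /r names the reason.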


Compliance Standards - Toolbar Options


Alerts

View a timeline of the System Events captured for each company. You can set an optional date range filter to target events from a specific period.

Info

Tap here to view your V4 Getting Started Info.

Getting Started In App Info


Help Link


Click to access the related documentation page; this link is functional on all screens and will take you to the appropriate documentation page.


Layout Settings

Here, you can change the UI look and feel using various options, including the Theme for color, the Scheme for dark and light mode, the Layout for toolbar and module positions, and the toggle to set the table view default.

I prefer the Teal color, Light mode, and Classic layout with an asset table view.


Get Support

Our support team is here to help. Use one of three options to start a support request.

  1. Email support@connectsecure.com

  2. Log in to our Freshdesk partner portal at https://cybercns.freshdesk.com

