Statutory & Regulatory Compliance
Question: What are the access criteria offered in BigFix Service Management?
Answer: BigFix Service Management offers single sign-on and multi-factor authentication.
Question: What is the ability to support security controls over submission and approvals?
Answer: BigFix Service Management provides the capability to implement security controls over submission and approvals by assigning the required roles to the users. In addition, we can implement ACLs (Access Control Lists) to restrict or allow users to submit and approve tasks or tickets.
Submissions: BigFix Service Management provides the capability to implement security controls over submissions based on role-based access. In addition, we can implement ACLs (Access Control Lists) to restrict or allow users to submit requests.
Approvals: Approvals can be pre-configured for users as well as for groups, or based on roles, and are triggered on the tickets accordingly.
Question: Can we assign role-based access rights and privileges in BigFix Service Management?
Answer: BigFix Service Management provides the capability to assign distinct roles to users and/or groups, and each role is assigned the required rights. BigFix Service Management has key operational roles that are created to provide different functional access.
Question: What capability does BigFix Service Management have for audit logs and reporting on user account activity, rights, and privileges?
Answer: BigFix Service Management provides event log and transaction log features to track logins and activities performed on a BigFix Service Management instance. The event logs show all BigFix Service Management logins to an instance, while the transaction logs show all the activities on the instance, including any efforts to delete logs.
Question: What type of data encryption is supported for data at rest and in transit?
Answer: The HCL BigFix Service Management SaaS version is hosted by default on AWS Cloud, providing robust data security through encryption both in transit and at rest.
- Data in transit: Encrypted using TLS for Amazon EFS and benefiting from AWS’s inherent network encryption.
- Data at rest: Protected by encryption features offered by AWS services like Amazon EBS and Amazon S3, with the option of using AWS CloudHSM for heightened security and compliance.
Question: How is data security and integrity ensured for customer data in HCL BigFix Service Management?
Answer: The HCL BigFix Service Management SaaS version is hosted by default on AWS (Amazon Web Services), which provides foundational security services including privacy, backup and restore, and physical security for its availability zones and data centres. Like most SaaS applications, BigFix Service Management adheres to the shared responsibility model, where customers are accountable for their own security configuration and data.
HCL BigFix Service Management complements this by offering encryption and security mechanisms for its instances. To safeguard enterprise data, user data, transactional data, data at rest, and data in transit, HCL BigFix Service Management further employs multiple layers of security, including regular vulnerability assessments, penetration testing, and robust business continuity and disaster recovery plans. HCL BigFix Service Management also integrates security measures into its product and offers configurable security settings.
Question: Does HCL BigFix Service Management comply with global regulations like GDPR?
Answer: BigFix Service Management's SaaS offering is hosted by default on AWS Cloud. AWS computing environments are continuously audited, with certifications from accreditation bodies across geographies and verticals, including SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70), SOC 2, SOC 3, ISO 9001 / ISO 27001, FedRAMP, DoD SRG, and PCI DSS Level 1. AWS services can be used in compliance with GDPR regulations.