Overview

Scrut now integrates with Sophos Central MDM to further automate compliance and strengthen device governance. This integration syncs employee computer devices into Scrut, enabling asset management and streamlined access reviews. It also powers automated tests to verify hard disk encryption, monitoring via Scrut Agent or MDM, assigned asset ownership, and tracking of resources containing critical data, ensuring stronger security and compliance with less manual effort.

Why Connect

• Provide auditors with device posture evidence (encryption, antivirus, monitoring)
• Show assets are managed and assigned to users via MDM
• Surface non-compliant devices for remediation.

Supported Automated Tests

Scrut provides pre-built automated tests for Sophos Central. Here are a few examples of Scrut’s Sophos Central tests:

• Access reviews completed for all in-scope applications
• Sophos Central accounts associated with users
• Sophos Central accounts deprovisioned when employees leave

Supported Automated Evidence

Scrut automates the collection of some evidences for Sophos Central. Here are a few examples of Scrut’s Sophos Central-driven evidences that can be collected:

• Documented Asset Inventory and Review Dates
• Geolocation Requirements for Processing, Storage and Service Locations
• Offboarding - Logical Access & Physical Access Revocation
• Production Data not for Testing
• Reports of User Access Reviews
• Separation of Development, Test and Production Environment
• User Access Approval list to Application, Infrastructure and Service