Skip to main content

How to Customize General Compliance Requirements for Your Organization

Updated over 3 weeks ago

1. Access the Compliance Settings

  1. In the SWIF console, go to Settings.

  2. Select the Compliance tab at the top.

You will see two main sections here:

  • Device Security Compliance: Toggles for features like Password manager records and Malware detection.

  • General Compliance Requirements: The checklist rules you can define for your organization’s security and compliance posture.

2. Reset or Customize Default Settings

Within General Compliance Requirements, you can either:

  • Click Reset Default Settings to revert to SWIF’s recommended defaults.

  • Manually configure each policy to tailor the requirements to your organization’s needs.

3. Review and Adjust Individual Controls

Under General Compliance Requirements, you’ll see a table of controls. Each control is grouped under a broader category (like “Software Update Policy,” “System Preferences,” etc.). Here’s how to interpret each column:

  1. Control: A label or category grouping certain policies (for example, “SW-1: Software Control”).

  2. Policy: Specific policy names (e.g., “Software Update Policy,” “Screen Saver Policy,” etc.).

  3. Requirement: What the policy enforces on each operating system or feature. For example, it may specify that macOS must have automatic updates turned on, or Windows must enable auto-updates.

  4. Recommended Setting: SWIF’s suggested configuration.

  5. Current Setting: The actual value applied. You can adjust this by selecting from the dropdown or toggling the option to match your desired level of compliance.

Some common policy examples include:

  • Software Update Policy (macOS, Windows, Linux)

  • Screen Saver Policy (lock intervals, idle delay)

  • FileVault Policy (encryption for macOS)

  • Bitlocker Auto Policy (encryption for Windows)

  • Login Window Policy (to show or hide user lists)

  • Password Manager Policies (minimum passcode length, special character requirements, etc.)

4. Specify Qualified Applications

Below the compliance table, you’ll find the Qualified Applications section. Here you can decide which applications are allowed or disallowed under compliance rules. For instance, you might:

  1. Select Allow only some apps or Deny some apps from the dropdown.

  2. Enter an application name (e.g., antivirus software) and specify its type—like Antivirus or something else.

  3. Add as many applications as needed to shape your approved or restricted software list.

5. Block or Exclude Certain Devices

Finally, the Blocklist Devices section lets you exclude specific devices from your compliance checks:

  1. Choose an Exclusion Rule (e.g., Exclude selected devices).

  2. Find the device by name or serial number.

  3. Add that device to your exclusion list. Excluded devices won’t be counted in compliance reports and the main checklist.

6. Confirm and Save

After adjusting all relevant policies, application rules, and exclusions:

  1. Review your changes to ensure they align with your organization’s security requirements.

  2. Click Save to finalize your updated compliance settings.

Tip: If you ever need to revert to the defaults, click Reset Default Settings within the General Compliance Requirements section. This will restore SWIF’s original recommendations for each policy.

That’s it! By following these steps, you can tailor SWIF’s General Compliance Requirements to match your organization’s security needs, manage approved or restricted applications, and exclude any devices you don’t want included in the compliance checks.

Related Articles
Installing Software from the Swif App Store
Set up Swif integration with Drata
Set up Swif integration with Vanta
Compliance readiness checklist
Set up Swif integration with Thoropass
Did this answer your question?