Frequently Asked Questions (FAQs)
Why should I use Surveilr?
Surveilr is the better option for gathering compliance proof through machine attestation, which is why you should use it. Code, test results, emails, issues/tickets, and wikis are examples of machine attestation artifacts that Surveilr's agent can use to conclusively demonstrate adherence to security, privacy, safety, and regulatory compliance policies—as opposed to human attestation, which depends on trust and manual processes. Through the use of this method, people can verify information more quickly and accurately by avoiding the need to complete forms, respond to emails, or take up time in meetings. Compared to conventional human-based approaches, Surveilr's machine attestation technology offers a dependable and automated means of verifying policy compliance, hence improving security and regulatory adherence.
How do I install Surveilr?
We have provided a detailed guide on how to install `surveilr` on your machine (Linux, Windows, and MacOS ), find it here.
What are the minimum system requirements to run Surveilr?
While surveilr can run on low-performing systems, we recommend at least a dual-core processor, 2GB of RAM, and 8GB of available disk space for optimal performance.
How do I use Surveilr?
We have provided a comprehensive guide on how surveilr can be used to gather machine-attested compliance evidences from different Work Product Artifacts (WPAs) across a wide variety of disciplines. Here's an example of how software engineers make use of surveilr.
Will my data such as emails be tracked by Opsfolio?
No, Opsfolio does not track personal information, including emails, at any point in time. All data processed by Surveilr is stored in a Resource Surveillance State Database (RSSD) that is stored locally on the client's machine, and not connected to any of our cloud databases.
If my data is tracked by the company, how can I trust that my data is safe?
We do not track your data, so you can be rest assured your data is safe.
I have generated the RSSD files, now what's the next step from this?
The next step is to navigate to the disciplines and WPAs page, choose your discipline, and see various ways you can extract machine-attested compliance evidences from the RSSD using SQL, depending on the Work Product Artifact (WPA). Here's an example of how software engineers extract compliance evidences from the RSSD file.
While using the IMAP ingestion how can I exclude confidential email from getting ingested in the RSSDs?
Specific emails boxes are authorized via credentials that you supply. Usually, operational emails are sent to individual purpose-specific mailboxes (not personal) so if you can segregate by mailbox then no confidential emails will ever be ingested. If you have a mailbox which might have mixed content, we have filters that allow you to only pick up emails using regular expressions and search expressions to match specific content only.
How does the tool perform under high data loads?
It performs very well with full horizontal and vertical scaling capabilities. Many workloads are performed offline with very low CPU, memory, and I/O impacts.
How will we be using these RSSD files for auditing or compliance check?
How the RSSD files will be used for auditing and compliance check is dependent on various disciplines and the their policies. To get started, navigate to the disciplines and WPAs page, choose your discipline, and see various ways you can extract machine-attested compliance evidences from the RSSD using SQL, depending on the Work Product Artifact (WPA). Here's an example of how software engineers extract compliance evidences from the RSSD file.
Will we be using this RSSD file in Opsfolio Suite for auditing or in some other way?
Yes, RSSDs are used for auditing in Opsfolio Suite but because they are simple SQLite databases they can also be used for anything else your company would like.