Clock Synchronization NTP(Delegate or On-Prem) as per ISO/SOC2

As per 12.4.4 Clock Synchronisation

The cloud service provider should provide information to the cloud service customer regarding the clock used by the cloud service provider’s systems, and information about how the cloud service customer can synchronise local clocks with the cloud service clock.”

Control:
Clocks in all related information management systems should be integrated into a single reference time source for an organisation.

Implementation:
A standard reference time should be defined for use inside the organisation.

Recommended NTP configuration for Delegate

Recommended NTP configuration for on-prem:

How to configure NTP for a Delegate running on Linux.

  1. Most of the Linux distributions are using “systemd,” which comes with NTP for clock Synchronisation. You can verify by running timedatectl

  2. If NTP is not present on your host system, You can use yum, apt-get to install NTP service as per your OS. You can also use Chrony which has flexible implementation of NTP

  3. NTP is configured using a configuration file – ntp.conf. The file is generally located in the /etc/ directory.
    Multiple NTP Server can be added in the ntp.conf in below format.
    The prefer option should only be specified once.
    server <-address-> [prefer]

     server 192.168.1.127 prefer # Local NTP server IP address
     server ntp-time.for.mydomain
    
  4. Below are some useful command to start/stop

    sudo systemctl enable ntpd
    sudo systemctl start ntpd
    sudo systemctl restart ntpd
    sudo systemctl stop ntpd
    
  5. You can find more details regarding list of configured server and their associated synchronisation performance characteristics.

    ntpq -p
    
1 Like