Padroneggiare la sicurezza dell’utente, fornendo accesso alla dashboard a consulenti e clienti

Postato il

Spesso siamo nella necessita di fornire limitato accesso alla dashboard a dipendenti, consulenti o clienti per ragioni differenti.  Questo articolo vi fornirà le informazioni necessarie, per permettervi di farlo  mantenendo l’ambiente sicuro.

Scenario One: Providing Access to a Single User within a Client Company

In every company no matter how small, there is usually that one person designated as the “IT Person” to solve all the small issues that arise. Providing dashboard access to this person can often cut down on the number of hours you spend supporting the company. If you can provide this person with the tools in the dashboard such as Remote Desktop and Remote Background, it empowers them to solve simple user issues making your company more profitable.

The first thing to note is you are only charged per node, there is no additional charge to add users of any kind to your dashboard. This is a great value that is included in the platform fee.

Step One: Build a Client Group

In the dashboard click onSettings>Users>Client Groups sicurezza dashboard 1

  1. Click Add Client Group
  2. Name the Group
  3. Select the Company
  4. Move it into the group.

Step Two: Build a Role to Restrict Access to the User:

In the dashboard click onsicurezza dashboard 2

Settings>Users>Roles and Permissions

  1. Add a new Role
  2. Name the Role
  3. Select Role template to base the new role on (I like to choose Superuser in order to provide me with the most options to customize the access. If you choose a role with less permissions there are several things greyed out.)
  4. Go through each and every Line item and select the appropriate access for that user.

Step Three: Create a User and Assign the Role and the Client Group:

In the dashboard click onSettings>Users>User Accounts sicurezza dashboard3

  1. Add user
  2. Enter the User’s email
  3. Select the Role
  4. Select the Client Group

Step Four: TEST…        TEST…TEST

  1. Be sure and log in as the user and confirm that you have all the proper security permissions in place.

Scenario Two: Providing Access to an Employee or Contractor

Often times it will be necessary to partner or work with another company or contractor. The Process is exactly the same as above. It may be necessary to provide access to one or more companies and there may be users with different roles and permissions within the same company. MAX Remote Management has the ability to accommodate any permissions scenario.

SECURITY BULLETIN: Secure your Agent Key:

You will eventually have to provide the agent key to someone to install an agent. Since the first user in the dashboard is assigned the Agent Key, you will ALWAYS want to create a second user for yourself that has SUPERUSER permissions. It is imperative that the second user has SUPERUSER rights or you will be contacting tech support at the end of this process.

  1. Rename the user that is assigned the Agent Key to something generic such as key@msp.com. It does not have to be a valid email address just in the proper email format.
  2. Create a user that has SUPERUSER permissions
  3. Set the password for the new user and set an Agent Key Password that you can remember.
  4. Unselect Enable Agent Key User Dashboard Access

sicurezza dashboard4

 

*Although this is outside the scope of this article please make note that when dealing with medical facilities where HIPAA regulations are in effect, your dashboard must be configured for Two Factor Authentication to be compliant. https://www.youtube.com/watch?v=rJj42OvxDHQ

Posted by Andrew Crihfield

Labels: Configuration, security, techniques

No comments:

 

Rispondi

Effettua il login con uno di questi metodi per inviare il tuo commento:

Logo WordPress.com

Stai commentando usando il tuo account WordPress.com. Chiudi sessione /  Modifica )

Google+ photo

Stai commentando usando il tuo account Google+. Chiudi sessione /  Modifica )

Foto Twitter

Stai commentando usando il tuo account Twitter. Chiudi sessione /  Modifica )

Foto di Facebook

Stai commentando usando il tuo account Facebook. Chiudi sessione /  Modifica )

Connessione a %s...