You can carry out certain security settings to protect the Securden installation and control access to the interface.
How to Monitor Changes in the Domain Admin Group?
Manipulating a domain administrator group such as the 'Domain Admins' could make the organization susceptible to security risks. You can create a scheduled task to get notified if there is any modification to the domain administrator groups.
When new members get added to or removed from the domain administrator groups, you will get notified about the change. Securden can monitor the changes to the domain admin groups of all the Active Directory domains added to the product. You can create a scheduled task to periodically monitor and send notifications.
How to Schedule Notifications?
To Schedule Notifications, Navigate to Admin >> Security >> Domain Administrator Groups section. In the GUI that opens, click the button ‘Schedule Notify’.
You have two options here - carry out the check once (Notify Once) at the required timeslot and trigger notification (or) carry out the check at periodic intervals (Notify Periodically). Select the required option in the GUI.
You can choose to send notifications to all ‘Administrators’ or all ‘Super administrators’ or to both administrators and super administrators. Select the checkbox as needed. You can even add email addresses directly in comma separated form in the ‘Specific Email Address’ field.
When you navigate to Admin >> Security >> Domain Administrator Groups section in the GUI, it typically shows the list of all administrator groups present in the selected domain. You can click the button “Sync Members” to view the latest data anytime.
As mentioned above, you can monitor the changes to domain admin groups for multiple domains. You can add the domains to be monitored by clicking the button “Add New Domain”.
Every installation of Securden is protected with a unique encryption key. By default, this encryption key is located at ∠securden installation folder>/conf/securden.key for evaluation purposes.
Securden doesn’t allow the encryption key and the encrypted data to reside in the same location to ensure security. Hence, the key has to be moved outside the Securden installation folder.
When deploying the product to production, Securden enforces moving the key out of the installation folder.
The encryption Key is essential to start the Securden server. If the key is not present in the new location, Securden server won’t start. After moving the key to some other secure location, you need to specify the new location as explained below:
To specify the new location,
Note: If the server fails to start, you can view the current location of the encryption key by opening the Securden_key.location file using any text editor. This file is located at ∠Securden Installation folder>/conf/Securden_key.location. You need to have the encryption key in the location specified in this file for the Securden server to start.
Securden gives you the option to control and restrict access to Securden Server based on the user’s IP address. You can either enter specific IP addresses or an IP range that is allowed or denied. Users belonging to the locations or networks that fall only under allowed IP addresses or range will be able to access Securden.
Enable IP Restrictions
To Enable IP Restrictions, navigate to Admin >> Security >> IP Address Restrictions >> Enable IP Restrictions and move the toggle “Enable IP Restrictions” to green.
Specific IP: 18.104.22.168
IP Range: 22.214.171.124:126.96.36.199
CIDR notation: 192.168.1.30/24
Finally, click “Save”. The settings will take effect only after restarting Securden PAM Service.
Securden allows you to block and filter access to its server from extensions, API, and mobile applications. Once you block any such access, a connection could not be established with the Securden server from browser extension or APIs or mobile apps as per the setting below. This setting will take effect for all users, including the super admin globally. You can change this setting anytime as desired.
To block access, navigate to Admin >> Security >> Block Access. You can block access through browser extensions, APIs, or mobile apps by moving the green toggle to red.
You can change this setting anytime as required.