Do you have control of your Company's Passwords?
We have experience of a good password system which complies with GDPR and ISO 27 001
By following a resource from the first entry to the last change, you have full traceability and transparency.
Get notifications over email in case of specified event.
Logging takes place in real time when using resources, when, where from and even. the reason why utilized resource may be required. Dedicated syslog server can also be used, SIEM prepared.
Easy to work with
One of the cornerstones of doing a good job is having good tools that are easy to work with that also follow a leading and functioning structure.
It should be easy to do right and hard doing wrong.
A secure system provides proper access for the right group of people.
Access to the system's resources can be role-based on the basis of organizational, competence-based or customer-specific.
Employees can share sensitive passwords across different teams and time constraints, but can also be managed individually in the same system
Attractive Licensing Model
A smart licencing model that allows all those who work within the system and have access to the resource can help and keep information updated and no one will be locked out. You do not need a dedicated person who administer all the data.
Integrated Password Control
Control that checks if passwords has been broken by validating them against the database haveibeenpwned.
Penetration tests are performed regularly by external parties.
Secure Login - Secure Connections
Support for the majority of two-factor authenticators with fully dynamic assignment.
Several built-in security features in the system that enable high security.
Support for LDAPS, Kerberos, SSO, Smart Cards, ADFS etc.
Unique Password Generators
Create unique password generators and connect to specific services to maximize security. QNAP handles a maximum of 64 characters while Azure AD 8-256 characters.
Password integration directly against most systems allows you to automate password rotation after the specified time interval.
Have all high-administrative accounts rotate every week or night while the accounts of external suppliers must be checked out and sent encrypted to be checked in when they are finished or it is automatically rotated at midnight.
Passwordless - Remote Control
Remote access over RDP, SSH, Telnet, VNC, TeamViewer or MS SQL can be established without the user knowing or needing to manage the password. You can also record the sessions.
In fact, we have a custom feature that makes the password hash useless after RDP connection to Windows servers has been made. The hash problem was widely criticized during TechDays 2019.
Password Reset Portal
Let end users easily and securely reset or unlock their own Active Directory password 24/7 according to Zero Trust Mode. A self-service reset portal is integrated with the windows login screen on the user's computer. The portal can be accessed via smartphones and workstations where the password is unlocked via an enrolled verification that the user registered before, OTP with soft token for example.
API-Integration and Automation
Automate password management via API in a secure and automated way. Let other systems integrate to become more autonomous and minimize manual processes. Start your RPA journey today.
Compliance and Regulations
Many different types of scheduled reports, over 100 different auditing events and real-time alarms ensure that your company complies with various laws such as NIST, DDS, HIPAA, NERC / CIP, SOX, GDPR
GDPR - Entered into force 25th of May 2018
We and many others consider this to be the absolute greatest change for Operations and Businesses in modern times.
One of the most important aspects of GDPR is management and access limitation.
Information shall be sorted, classified and proper access shall be established to it.
The right kind of information should therefore be handled by a desirable group of people who are trusted to it.
We follow Cyber Security experts from Addlevel, who hosted the event GDPR Summit 2017 in Sweden which interpreted the requirements of GDPR for application providers and organizations.
Quote from GDPR Summit 2017 by Addlevel:
" Access restriction, should everyone have access to everything, all the time ? "
" Why should the person in question have access to the protective task ? "
" Does the systems have a built-in data protection by default ? "
We at Haagen IT Partner are familiar with these challenges above and we are proud to acknowledge that our system is able to meet all the demands according to these sessions held by Cyber Security Experts.