Security related questions

Hello,

Most customers that we provide this product with have security concerns from their IT team.
Could you help answer these questions about EWON:

  1. Upon a change of roles for a user, are permission and privilege associated with this new role accomplished within seven days after notification that the user’s role has changed?
  2. Are mechanisms in place to alert when accounts have been created, modified, enabled, disabled, and removed?
  3. Are security-related changes to privileged accounts logged and alerted?
  4. When files related to authentication are accessed, is this activity logged, alerted, and monitored?
  5. Are user sessions automatically locked after fifteen (15) minutes of inactivity, requiring the user to re-authenticate in order to reactivate the session?

Hi @LauraTurbofil

  • When you create a user in eCatcher, its credentials are immediately active. Whenever you make changes ie: name/permissions/password/deleted its effects will be effective immediately.

  • Currently there’s no method to alert you when a user has been created/modified but the only people that can create users are the account administrators.

image

  • In eCatcher, Administrators can limit the areas that a user can access. Ie: if you only want them to have access to certain IP addresses in a subnet. This can only be changed by Administrators. You can also see the time when a device was added, who the user was that connected, if the LAN IP/ Mask were changed, etc.

image

  • You’re able to know when a device is accessed and who accessed the device by looking at the log files for a device

  • You will be logged out of eCatcher after a period of inactivity but I’ll need to confirm what the amount of time is for that condition to be met

Thanks for the reply. This information is very useful.

You’re welcome, let me know if there’s any other questions you have.

Topic closed due to inactivity.