KB: Web Interface Security: Difference between revisions
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
==Introduction== | ==Introduction== | ||
When using the open Internet in order to process and receive customer related transactions between your workstation and the | When using the open Internet in order to process and receive customer related transactions between your workstation and the RangerMSP database, the need to upgrade the communication security may arise in order to safeguard your customer information from being read by any unrelated parties. Using Secure Socket Layer Encryption (SSL), you can lock your server from communicating with anybody that does not have an encryption certificate issued by you. | ||
__TOC__ | __TOC__ | ||
| Line 6: | Line 6: | ||
<br> | <br> | ||
==Is SSL Enough?== | ==Is SSL Enough?== | ||
In order to enhance security we usually suggest users to work over SSL - the | In order to enhance security we usually suggest users to work over SSL - the RangerMSP Web Interface fully supports SSL Encryption which help protect from 3rd party eavesdropping on your communication. Furthermore, we suggest that when issuing passwords, you should issue complex passwords that would be difficult to read from a keyboard while someone is typing it. | ||
For more information see [[KB:_Creating_a_new_SSL_Certificate_for_the_Web_Interface|Creating a new SSL Certificate for the Web Interface]]. | For more information see [[KB:_Creating_a_new_SSL_Certificate_for_the_Web_Interface|Creating a new SSL Certificate for the Web Interface]]. | ||
| Line 19: | Line 19: | ||
==See Also== | ==See Also== | ||
*[[KB:_Creating_a_new_SSL_Certificate_for_the_Web_Interface|Creating a new Certificate for the Web Interface]] | *[[KB:_Creating_a_new_SSL_Certificate_for_the_Web_Interface|Creating a new Certificate for the Web Interface]] | ||
*[[Web_Interface| | *[[Web_Interface|RangerMSP Web Interface User Manual]] | ||
[[Category:KB|Security]] | [[Category:KB|Security]] | ||
Latest revision as of 12:55, 8 July 2020
Introduction
When using the open Internet in order to process and receive customer related transactions between your workstation and the RangerMSP database, the need to upgrade the communication security may arise in order to safeguard your customer information from being read by any unrelated parties. Using Secure Socket Layer Encryption (SSL), you can lock your server from communicating with anybody that does not have an encryption certificate issued by you.
Is SSL Enough?
In order to enhance security we usually suggest users to work over SSL - the RangerMSP Web Interface fully supports SSL Encryption which help protect from 3rd party eavesdropping on your communication. Furthermore, we suggest that when issuing passwords, you should issue complex passwords that would be difficult to read from a keyboard while someone is typing it. For more information see Creating a new SSL Certificate for the Web Interface.
Additional Methods
Limiting unneeded privileges is also a sound suggestion that could prevent long term damage to the system, in the event that employee credentials fall into unauthorized hands, so if somebody gains malicious access to the system, that person would have limited access, at best. It's also recommended to make sure your employees change their Web password often, and if a worker stops working in your company, make sure to disable their Web Users.
For more information, learn about managing your employee and customer Privileges.