Credentials automatically rotation is used by administrators to access critical systems across the organization, because of this kind of situation, auditing and monitoring privileged accounts are so important.
Through this senhasegura enabled reports that can be used to understand how the credentials are being used, the groups which can manipulate the credential and more. Accessing the menu Reports ➔ Credentials you will see the following reports:
This report summarizes all the credentials' trails senhasegura register in the system. This is easy and fast consult report to view the trail records.
The Credentials overview report will print the following information:
Username: of the credential detailed;
Credential type: of the one detailed. The types can be local user, local administrator, domain user and others;
Status: indicates if the credential's username available to use;
Creation date: is the day and time the credential was registered on the system;
Expiration date: is the day and time the credential was disabled on the system;
Last change: is the day and time the credential was modified;
Last view: is the day and time the credential was viewed;
Last use: is the day and time the credential was used to access;
This report shows all the credentials registered in the system and the last time the credential was used to perform access. The report is significant to verify if a credential is being managed by the users that have permission to do it; if the access is being performed in an allowed time according to with the company's access policy and the security expectations from the company and standards.
The Password use report will print the following information:
Credential: of the password used;
Device: the password is used to access to;
Operation: performed using the password;
User: that accessed using the password;
User IP: used to use the password;
Date/Time: is the day and time the password was used;
Origin: is the platform the user used to use the password;
Target: is the device the password was used to access;
Users by group
This report shows all the system's users registered in senhasegura and the groups they are members. The report is significant to verify if the user has the necessary permissions, or have more, to execute its activities. The auditor can cross-check if the user access permissions are correct according to with the company's access policy, responsibility matrix and the security expectations from the company and standards.
The Users by group report will print the following information:
Name: of the user;
Username: is the username used to access senhasegura ;
Department: is the company's department the user belongs;
Access group: the user belongs;
Assignment date: is the date and time the user started to be a member of the group;
Assigned by: is the user who included the other one in the group;
Part of password: is the level of privilege the user has in relation with the credential's password: can see the complete or just a part of the password;
It's also possible to see more details about users by group, clicking on the action icon of the register
This report shows all the emails senhasegura sent for users requests. This report is relevant to present all the access requests, this can be useful to compare the access flow and system access settings with the company's access policy and security expectations.
This report shows the history of the changes made on the password policies registered in senhasegura system. This report is important to know when was changed, the usernames and devices that admitted the changes to understand if the passwords expiration and viewing periods still in compliance with the company's policy and security expectations.
The Policy definition report will print the following information:
Date: day and time the changed was performed;
Policy: is the password policy name that will be detailed;
Type: of the credential which admitted the change;
Username: that admitted the changes;
Hostname: of the device which admitted the change;
Strength: is the level of complexity of the password that will be built;
Expiration period: is the limitation period to perform the password change;
View expiration: is the limitation period to view a password;
Message: is what the system print to the requester related with password policy change;