Auditing
Several senhasegura reports are used to ensure that the administrator has the necessary data to validate the access rules and audit these same rules.
Credentials by users
At the Reports ➔ PCI ➔ Credentials by users menu, in this report shows all credentials that every user registered in senhasegura system can have access. This report is relevant for the comparison between the user's access privileges set by the company's policy and current conceded privileges.
The security levels of the groups are also present in this report.
Access group modification history
Access groups can be completely modified immediately affecting the access level of everyone involved. So you can observe the change history of each group with details of which properties were changed and by whom, through the report Traceability ➔ Access groups.
For each record, you have acess to the detail screen that shows who made the change, what rule was used before, what rule it is used now, and when the change occurred.
Users by access group
The Credentials ➔ Users by group report shows the relationship between users and groups. In addition to presenting who added the user to the group, when and what part of the password this user has access to.
It is important to inform you that all actions to change, create, add, or remove groups and users are notified through messages in SIEM.
The report located under Report ➔ Access Control ➔ Users by Group shows the relationship between users and groups. In addition to presenting information on who added the user to the access group and since when this user has access.
The Type filter present in the report contains the name of the modules that have an access group.
Password expiration
Reports ➔ PCI ➔ Password expiration menu. This report shows the expiration dates of all credentials passwords that are registered in senhasegura . This report is important for the comparison between the company's password policy and the real application of the password expiration date.
It is also possible to have a general view on the number of expired passwords on the dashboard menu, to view this board access: Dashboard ➔ PAM Core ➔ Password changes
Child credentials will only be considered on this dashboard if their respective parent credentials have the automatic change active. In some cases the system does not schedule a specific change for the child credential, creating and executing the change at the time of executing the parent credential change. The "Waiting" and "Error" dashs will not necessarily display the sum of "Updated" and "Expired", as they depend on the behavior of each change.
The Password expiration report will print the following information:
The following counts managed/non-managed credentials:
Updated: which are -
: Over 25% managed credentials
: 5% to 25% managed credentials
: Under 5% managed credentials
Expired: which are -
- : None expired
- : At least one expired
Not managed: which are -
: Credentials without automatic password change enabled
Execution status: which are -
- : No problems
- : Any problem with up to 2 robots simultaneously (all active)
- : Any problem on the 3 robots simultaneously.
The following counts expired credentials that have the "password change" flag activated:
Waiting: which are -
: More than 75% of managed credentials- : Less than 75% of managed credentials
Error: which are -
- : Without errors
- : With at least one error
Password custody
Reports ➔ PCI ➔ Password custody menu. This report shows all the passwords that are under custody of any user registered in senhasegura system. This report is relevant for the comparison between the users access privileges set by the company's policy and the current privileges and access conceded.
It is also possible to have a general view on the users and the number of custody conceded on the dashboard menu, to view this board access: Dashboard ➔ PAM Core ➔ Custody.
Password policy change history
Reports ➔ Traceability ➔ Password policies menu. This report shows the history of the changes made on the password policies registered in senhasegura system. This report is important to know what changes were made and by which user to understand if the passwords expiration and viewing periods still in compliance with the company's policy and security expectations.
It's also possible to view what exactly was changed through a comparison between the original data to the recent alteration clicking on the action icon of the register.
Password strength change history
Reports ➔ Traceability ➔ Password strength menu. This report shows the history of the changes made on the password strength registered in senhasegura system. This report is important to know what changes were made and by which user to understand if the passwords has the level of complexity and strength in compliance with the company's policy and security expectations.
It's also possible to view what exactly was changed through a comparison between the original data to the recent alteration clicking on the action icon of the register.
Credential change history
Reports ➔ Traceability ➔ Credentials menu. This report shows the history of the changes made on the credentials registered in senhasegura system. This report is important to know what changes were made and by which user to understand if the new and current credentials still have the access permissions and settings in compliance with the company's policy and security expectations.
It's also possible to view what exactly was changed through a comparison between the original data to the recent alteration clicking on the action icon of the register.
Device changes history
Reports ➔ Traceability ➔ Devices menu. This report shows the history of the changes made on the devices registered in senhasegura system. This report is important to know what changes were made and by which user to understand if the new and current devices still active and have the access permissions, credentials and settings in compliance with the company's policy and security expectations.
It's also possible to view what exactly was changed through a comparison between the original data to the recent alteration clicking on the action icon of the register.
Protected information change history
Reports ➔ Traceability ➔ Protected information menu. This report shows the history of the changes made on the protected information in senhasegura system. This report is important to know what changes were made and by which user to understand if the new and current information stills integer, available and with access restrictions to the correct users in compliance with the company's policy and security expectations.
It's also possible to view what exactly was changed through a comparison between the original data to the recent alteration clicking on the action icon of the register.
Navigation Metrics
This report displays all the screens that users browse or open in senhasegura by showing the total number of accesses, what permission the user had when accessing the system page and the date of access. To access these records, access Reports ➔ System accesses ➔ Navigation metrics.
Access control history
Reports ➔ Events ➔ Password view menu. This report shows all the password view senhasegura intercede for users requests. This report is important to present all the access flow the system supports and the access type configured by the administrator, this can be useful to compare the access flow and system access settings with the company's access policy and security expectations.
Password policy changes
Reports ➔ Credentials ➔ Policy definition menu. This report shows the history of the changes made on the password policies registered in senhasegura system. This report is important to know when was changed, the usernames and devices that admitted the changes to understand if the passwords expiration and viewing periods still in compliance with the company's policy and security expectations.