How secure is Desktop Central?


Security and data protection are the primary concerns at Desktop Central. Security is taken very seriously at Desktop Central and as a result, a comprehensive set of practices, technologies and policies have been developed to make sure data stays secure. Security has been enforced in the following ways:

  • Access Control
    • Role based access allows only authenticated users with valid credentials to access the application.
    • Enables Multi-level authentication which adds another layer of security.
    • Password constraints to avoid simple passwords that pose a threat to security.
    • Provision to lock an account (triggered by failed login attempts) for a configurable amount of time.
  • Encryption At Rest
  • Sensitive information in the database is encrypted by unique instance-specific keys.

  • Encryption At Transit
    • All data transmitted to ManageEngine is encrypted using TLS 1.2 protocol by default.
    • We use SHA 256 algorithm, to ensure that our users have a secure connection from their browsers to our service. We use the latest and strong ciphers like AES-256, ECDHE by default.
    • When the MSSQL database is configured in a remote machine, the communication between the server and the remote machine is secured.
  • Data Protection
  • Database is only accessible via instance-specific credentials.

  • Agent - Server Communication
  • All the clients are verified and authenticated for communication with the central server.

  • Application Control
  • Integrity of binaries are verified using Checksum to prevent any modification by any intruder. All our binaries are digitally signed and verified during execution.

  • Vulnerability Database Encryption
  • Desktop Central server and Vulnerability DB communication will be encrypted.