How secure is Desktop Central?
Security and data protection are the primary concerns at Desktop Central. Security is taken very seriously at Desktop Central and as a result, a comprehensive set of practices, technologies and policies have been developed to make sure data stays secure. Security has been enforced in the following ways:
- Access Control
- Role based access allows only authenticated users with valid credentials to access the application.
- Enables Multi-level authentication which adds another layer of security.
- Password constraints to avoid simple passwords that pose a threat to security.
- Provision to lock an account (triggered by failed login attempts) for a configurable amount of time.
- Encryption At Rest
Sensitive information in the database is encrypted by unique instance-specific keys.
- Encryption At Transit
- All data transmitted to ManageEngine is encrypted using TLS 1.2 protocol by default.
- We use SHA 256 algorithm, to ensure that our users have a secure connection from their browsers to our service. We use the latest and strong ciphers like AES-256, ECDHE by default.
- When the MSSQL database is configured in a remote machine, the communication between the server and the remote machine is secured.
- Data Protection
Database is only accessible via instance-specific credentials.
- Agent - Server Communication
All the clients are verified and authenticated for communication with the central server.
- Application Control
Integrity of binaries are verified using Checksum to prevent any modification by any intruder. All our binaries are digitally signed and verified during execution.
- Vulnerability Database Encryption
Desktop Central server and Vulnerability DB communication will be encrypted.