CyberQP Tech Vault Security Options
Background
The CyberQP vault enables you to grant appropriate access to your passwords for specific individuals. Each password can be customized with access settings through the "Security" section of a password asset. There are three options available:
- All login users with access to the customer
This option allows any users with login credentials and access to the Customer to access the password. - Restrict to primary and super roles
This option limits access to ONLY individuals with primary and super roles. - Restrict to specific login groups
This option restricts access to designated login groups only. A login group will permit certain users AND all primary and super role users access to the password.
Note: If your organization previously created "Fake Logins" with "Engineer" or "Helpdesk" roles to restrict access to passwords, you can now transition to using "Restrict to specific login groups".
Prerequisites
- Tenant is Enabled with Quickpass Technician Vault
- Tenant has QDesk, QGuard, or the Bundle Account Plan
- Primary or Super Login Role Credentials may alter Password Access Security
- Customers created in Quickpass Dashboard https://support.getquickpass.com/hc/en-us/articles/360035206574-How-to-Create-New-Customer
- Passwords are stored in the Quickpass Tech Vault
Default Behaviour
- By default a Login Role with access to a Customer will be able to see account passwords for the areas of the Dashboard that they have access to. (See Login Roles for details)
- New Password Vault Feature - Unlinked Passwords will be available to all Login Roles until Security is Adjusted.
Securing Account Passwords
Creating or Editing Groups
- A Primary or Super Login Role will need to create or use an existing Group in order to secure a password.
- Click on Login Management.
- Click on the Configuration Drop Down and select Group Management.
- Click "Add New Group" or edit an existing Group.
- Type in the Name of the Group that you want to create (or keep the existing group name as is. You may use names such as "Website Passwords", "Level 3 Technicians", "Administration Group", "API Key Group" etc).
- Select the users you want to add to the group.
- Click Save to finish creating or editing the Group.
- Repeat the process for all the Groups that you wish to create or edit.
- Existing Groups that have been created can be modified to add additional or remove existing users as required.
- Click on Login Management.
Securing the Password Entry
- Click the Customer you want to modify the Password Access to.
- Click the Passwords Link on the left side of the screen.
- Click the Specific Password you wish to modify the Password Access to.
NOTE: At the time of the creation of this KB Article, Password Entries must be modified individually. Future releases of this Feature will allow bulk modification. - Existing login Groups with access to view the password will be shown in the lower portion of the screen.
- Click the Edit Button in the top right corner
- Find the Security Section of the Password Entry in the lower portion of the Password Entry
- Change the Radio Button to "Restrict to specific login groups" if not already selected and click the "Add/Edit Groups" button.
- Select the groups (and through inheritance, the users) you wish to give access to the password. Click the "Select" button to save your changes.
- NOTE: Login Roles that do NOT have access to the Password Entry will NOT be able to see the Account on the Dashboard, Desktop App, or via the ConnectWise POD/AutoTask Insight integration (for End User Accounts). The account entry will not appear at all to the login users.
Comments
0 comments
Article is closed for comments.