Promote your product here

Advertise here at IT help desk software.

Display ads about your events, product, submit a press release, promote video or place your blog in our website and get more exposure and traffic.

Please fill the form below and we will contact you by email as soon as possible.

Online Form powered by

Help Desk Tips & Tricks - Incident Management

The Help Desk Tips & Tricks webinar, organized by ManageEngine will make you understand more about our Help Desk Management tool, ServiceDesk Plus and the tips to improve the performance and efficiency.

Register now

You’ll learn more about incident management in this webinar, through our ITIL ready product.

To Walk the Talk 

The webinar presentation will also be covered by a complete walk-through inside the ServiceDesk Plus product which will provide you more information on the features and the benefits.

 Register now for free !!!

FrontRange HEAT Help Desk Software Demo

Check out the demo video of help desk software, FrontRange Heat.

About FrontRange Heat Service Provider,

"Built on more than 15 years of service management experience, award-winning HEAT help desk software integrates core service and support components into one complete help desk software solution to reduce costs and increase operational efficiency."

Perils of 'Static' Windows Service Accounts

Windows Service Accounts, used by the system programs to run application software services or processes often possess higher or even excessive privileges than normal user accounts. These are indeed very powerful accounts that run critical business processes and services. Many third-party services or scheduled tasks or processes might make use of the same service account, resulting in a complex interconnection.

In many production networks, it is not uncommon to find service accounts with 'static' credentials. Service accounts are normally forgotten after configuring them initially. Passwords are not changed for ages due to the sheer complexity of the service account password reset process. The new password has to be updated in all the associated services or processes. Otherwise, many services will simply not work. Unless the administrator follows the best practice of meticulously maintaining a master list of all service accounts and their dependencies/associations, password change of service accounts will prove herculean.

Static service accounts make the enterprise a haven for hackers! Malicious programs and hacking tools can decipher the service account credentials and wreak havoc on your network. Windows Security Experts often say: "service accounts are one of the simplest ways to turn a compromise of one computer system into a compromise of an entire network".

Properly managing the credentials of Windows Service Accounts is one of the crucial aspects of protecting the Windows Network.

Manual efforts to achieve this is not only time-consuming and mind-boggling, but also error-prone. The best way to ensure security is to automate the Windows Service Account password management.

ManageEngine Password Manager Pro helps achieve this with ease.

Password Manager Pro has the ability to identify the service accounts associated with a particular domain account. While resetting the password of a domain account managed in Password Manager Pro, it will find out the services which use that particular domain account as service account. It will automatically reset the service account password when the domain password is changed.

In certain cases, services corresponding to the service accounts require to be restarted for password reset to take effect. The windows service account password reset feature of Password Manager Pro helps achieve this precisely, fully automated.

You can create scheduled tasks to change the passwords of domain accounts and their associated service accounts in fully automated fashion, in accordance with the IT policy of your enterprise. You need not worry about the service account dependencies.

Try Password Manager Pro now!

Privileged password management: Protection alone is not sufficient

Privileged password management has now emerged a key aspect of IT management. With ever-increasing number of privileged identities in shared environment, protecting the administrative passwords is absolutely essential, but that alone is not sufficient. IT Managers are required to establish both 'protective' and 'detective' measures in managing administrative passwords.

While Privileged Password Management deals more with the 'protective' aspect of securely storing administrative passwords and restricting access to passwords, the 'detective' provisions to monitor password management operations and user activities are highly essential from the standpoint of preventing/identifying insider-threats and ensuring compliance to numerous industry and government IT regulations.

Password Manager Pro scores high in both these aspects - it helps protect your privileged identities and control access to the resources; it also generates real-time alerts, SNMP traps and Syslog messages whenever an activity/event - including password access, modification or any other occurrence -takes places within the ManageEngine application.

These traps/syslog messages can be sent to a third-party SIEM tool, which can thoroughly analyze and correlate the data from Password Manager Pro with other network events. This results in a more secure infrastructure with an in-depth and holistic view of overall network activity.

The auditing mechanism of Password Manager Pro is quite comprehensive. It records all operations performed by the user including the password viewing and copying operations. The list of important operations that are audited (with the timestamp and the IP address) includes:

• User accounts created, deleted and modified
• Users logging in and logging off the application
• Resources and passwords created, accessed, modified and deleted

Upon the occurrence of any of these events, real-time alerts are generated. The integration with SIEM allows security administrators and auditors to monitor privileged account access and activities from a single console and reconcile security incidents to possible privileged access abuse. With insider threats looming large, specifically due to privileged account access, this ability to quickly understand the root of a security event makes it possible to rapidly respond to attacks and always be in complete control of the computing environment.

Try Password Manager Pro now!

An automated solution to enforce IT policy on standard password practices

Growing instances of information security incidents have forced IT enterprises to put an effective IT policy in place. All such policies stress three essentials, among the numerous guidelines:

• Usage of unique, strong passwords across all IT resources
• Rotating the passwords at periodic intervals
• Role-based access controls for IT resources

Enforcing the IT policy with respect to the privileged passwords turns out to be a daunting task to carry out manually. For instance, entering a new password that satisfies the strong password policy -- numerals, mixed case, special characters, minimum length and so on -- would be a nightmare.

Similarly, when there are too many IT resources, administrators often find it easier to assign a non-unique, same password to all the resources. Or they would prefer to recycle previously used passwords.

Above all, periodically changing the passwords on numerous resources would literally consume man-days! And to make things worse, if there is no proper password management practice in place, enforcing the above policies might result in system lockout issues and utter chaos.

By using a password management solution, you can automate the entire process of enforcing the IT policy with ease.

Password Manager Pro helps enforce the policy in more ways than one:

Once you define the password policy, Password Manager Pro automatically generates unique, strong passwords and deploys them across remote resources. It also automatically synchronizes the passwords at periodic intervals. It generates policy compliance reports prominently showing the violations.

In enterprises, different categories of administrators will just require access to the resources pertaining to their job roles alone - for instance, network administrators should be able to access only the network devices and not Windows servers. The password ownership and sharing design of Password Manager Pro precisely helps achieve this.

Password Manager Pro strengthens IT security through the usage of stronger and dynamic passwords.

Take a look at this quick video to learn more on how Password Manager Pro can help you enforce IT policy.

Don’t let your administrative passwords become Pulcinella's Secrets!

If you wonder what the phrase 'Pulcinella's Secret' means, let me start with explaining that:

Pulcinella is a popular comic character in Commedia dell'Arte, a form of theatre that began in Italy in the mid-16th century. The very character of Pulcinella is his inability to keep secrets. That means, any confidential matter revealed to him would soon become an open secret. Everyone will come to know of the 'secret', but will pretend not to be knowing. So, in reality, Pulcinella's secrets are not secrets at all!

Now, coming back to the question: Do you leave your administrative passwords as Pulcinella's Secrets?

I am afraid the answer would be ‘Yes’ if you still follow the practice of keeping your administrative passwords in text files and spread sheets. Everyone will be knowing all the passwords, while you would be thinking otherwise!

Let me explain further:

Modern IT and other enterprises are heavily dependant on servers, databases, network devices, security infrastructure and other software applications for their day-to-day operations. These infrastructure are accessed and controlled through administrative passwords. Typically, the applications are used in a shared environment by a group of administrators.

The number of administrative passwords keep on growing as more and more servers, devices and applications are added to the enterprise. Administrators end up virtually struggling with a pile of passwords and face problems on securely storing, managing and sharing the passwords.

How administrative passwords are being handled in enterprises?

If truth be told, even many big enterprises do not have any effective password management system in place at all. Employees follow their own, haphazard way of maintaining the passwords; there is rarely any meaningful management

• Sensitive passwords are stored in volatile sources such as text files, spread sheets, print-outs etc.,

• Many copies of the administrative passwords are circulated among the administrators who require them for their job functions. The passwords thus become impersonal in the shared environment – no accountability for actions

• When other members of the organization such as developers, database administrators and support personnel require access to IT resources, passwords are generally transmitted over word of mouth

• The administrative passwords mostly remain unchanged for fear of inviting system lockout issues

• Still worse, most resources are assigned the same, non-unique password for ease of coordination among administrators. In most of the organizations, a common administrative account is created and all the administrators use the same account to access the infrastructure - for instance 'Administrator' on Windows, 'root' on Unix/Linux, 'enable' on Cisco, 'sa' on SQL server etc.  

• There is rarely any internal control on password access or usage. Administrators freely get access to the passwords of all the resources in the organization

• There is generally no trace on ‘who’ accessed ‘what’ resources and ‘when’. This creates lack of accountability for actions

• If an administrator leaves the organization, it is quite possible that he/she may be getting out with a copy of all the passwords

 So, if you follow the traditional practice of storing the passwords in text files and spreadsheets, sensitive administrative passwords will be known to everyone, much like Pulcinella’s secrets.

What is the Solution? 

One of the effective ways to securely manage the administrative passwords is to store the passwords in a central, secure vault and automate password management tasks. Deploying 'Password Management Applications' or in simple words, the 'Enterprise Password Managers' can help you in controlling access to administrative passwords and in taking total control of the shared administrative passwords. Your passwords will no longer remain as Pulcinella’s Secrets.

ManageEngine Password Manager Pro precisely helps achieve this.  Deploy Password Manager Pro and Stay Secure!

Do you still keep your administrative passwords in text files and spread sheets?

Modern IT and other enterprises are heavily dependent on servers, databases, network devices, security infrastructure and other software applications for their day-to-day operations. These infrastructure are accessed and controlled through administrative passwords. Typically, the applications are used in a shared environment by a group of administrators.

The number of administrative passwords keep on growing as more and more servers, devices and applications are added to the enterprise. Administrators end up virtually struggling with a pile of passwords and face problems on securely storing, managing and sharing the passwords. Spreadsheets, flat files and even print-outs containing the passwords are circulated among the administrators.

This traditional practice brings with it a host of issues such as the following:

• When one administrator changes a password, it should be updated in all the 'copies'; otherwise, at the most needed time, one would be trying to login with an outdated or old password!
• Chances of security attacks on the IT infrastructure become very bright
• The business of the enterprise would be in jeopardy as sensitive passwords remain insecure

In most of the organizations, a common administrative account is created and all the administrators use the same account to access the infrastructure - for instance 'Administrator' on Windows, 'root' on Unix/Linux, 'enable' on Cisco, 'sa' on SQL server etc.

These administrative passwords, also known as 'Shared Administrative Passwords' give unlimited access to the infrastructure to the extent that the user can do virtually anything. This practice brings along with it accountability issues since the super-user is not role-based and actions could not be traced back to a particular user.

According to a research report of Gartner, the shared accounts with superuser privileges or other high-level access rights pose a significant risk in all organizations. Passwords are shared by multiple users who are sanctioned to use those accounts, or they're managed using fragile manual processes. High risks stem from passwords becoming known to others, as well as the lack of individual accountability. (Source: Gartner, Inc., "Toolkit: Password Management Tools for Shared Accounts and Service Accounts", Ant Allan, 11 January 2007).

Also, IT Managers often wish to enforce certain standard password policies - such as usage of strong passwords, curbs on usage of obvious passwords, rotating passwords at periodic intervals etc. The traditional password management lacks provision for all of these policies.

Governmental and industry regulations prescribe severe security measures for protecting passwords and require comprehensive audit records on each and every action on the passwords. In the traditional approach, there is no way to ensure compliance to such regulations.

In short, administrators of enterprises are drowning in a pile of administrative passwords and are struggling to store and manage them securely and effectively.

The Solution

One of the effective ways to securely manage the administrative passwords is to store the passwords in a central, secure storage and automate password management tasks. Deploying 'Password Management Applications' or in simple words, the 'Enterprise Password Managers' can help organizations in controlling access to administrative passwords and in taking total control of the shared administrative passwords.

Password Manager Pro is a secure vault for storing and managing shared sensitive information such as passwords, documents and digital identities of enterprises. The benefits of deploying Password Manager Pro include:

• Eliminating password fatigue and security lapses by deploying a secure, centralized vault for password storage and access
• Improving IT productivity many times by automating frequent password changes required in critical systems
• Providing preventive & detective security controls through approval workflow & real-time alerts on password access
• Meeting security audits and regulatory compliance such as SOX, HIPAA and PCI

Allowing Temporary Access To Sensitive IT Resources

Assume the scenario below:

You administer a sensitive IT resource - a database in production network containing important data. An emergency troubleshooting situation arises. A developer has to be provided time-limited, temporary access to the DBMS, say for a day.

How do you handle such a scenario?

In many organizations, the required administrative passwords are conveyed through telephone or transmitted via email. And, the administrative passwords are rarely reset. As a result, the developer will continue to have access to the production database even after completing the troubleshooting task.

These kind of practices bring with them operational and security issues and threats. The organization will become a paradise for malicious insiders and external hackers. They can easily wreak havoc on the confidentiality, integrity and availability of the organization’s information systems, resulting in huge financial losses.

A better way

Automating the privileged password management life-cycle is the best way to handle this scenario. Using Password Manager Pro, you can store the privileged passwords in a secure, centralized vault and enforce role-based access restrictions.

In addition, you can enforce the users to go through a request-release mechanism. Users requiring temporary access to a password will have to make a request, which will be approved by one or more administrators. Upon approval, the user will get time-limited access to the password. Once the user checks out a password, it will be available exclusively for his/her use till the stipulated time. After that, the user will forfeit access and also the password will be reset.

The request-release mechanism is part of access control workflow, that ensures security of highly sensitive passwords. Try Password Manager Pro now!

How do you control concurrent privileged access to sensitive IT resources?

In enterprises, quite often, many administrators might be accessing a system in production environment concurrently. They might be attempting to carry out conflicting operations, unconnected tasks or even trying the same activity.

In the absence of proper planning and coordination, such concurrent access on IT resources could affect the integrity of data/information, lead to conflicts, duplication of effort and a host of other issues. For instance, two administrators might be attempting registry edits on the same system concurrently. Conflicts during this operation might lead to serious damages.

In other cases, for certain sensitive IT resources in production, there might be requirements to grant exclusive, time-limited access to a particular administrator. During that period, no one else should be allowed access to that resource.It will be very difficult to achieve the above objectives without the help of a proper tool.

One of the best ways to tackle this scenario is to control the access to privileged passwords and thereby check access to the resource. You can deploy a Shared Account Password Manager and store all the administrative passwords in a centralized repository. Administrators can be granted access to the passwords strictly based on their job responsibilities and requirements.

Password Manager Pro from ManageEngine provides a perfect solution to control concurrent access to resources and also to grant exclusive, time-limited access to administrators selectively.

Source : Password manager

The 'Access Control Workflow' feature of Password Manager pro helps achieve Concurrency Controls with ease. A specific password could be made available for the exclusive use of a particular user for a specified time during which, no one else, including the owner of the resource would be allowed to view the password.

For Example, if you specify the time period as two hours, the password would be made available exclusively for that user for two hours. Others cannot view the password during that period. After the specified time period, the password would become void and will not be available to the user. In addition, the password will be automatically randomized. Later, other users will now be able to view the passwords thereafter.  In case, an emergency need arises to revoke the exclusive permission to the user, administrator can forcefully check in the password at any point of time.

Try Password Manager Pro  now!