Centralise Your Password Management
Our solution utilises a product called SAMS to solve these problems by providing a centralised service that holds all your remote equipment password and connection information in a totally secure SQL database. It enables your users, administrators, engineers and applications to have secure remote access to managed devices, from a standard web browser, using IP or dial up connectivity. Users browse in to SAMS and get authenticated; they are then presented with a list of equipment they are permitted to access; connection is made with one click. They do not know equipment passwords, telephone numbers or IP addresses; it is simple, secure, fast and very efficient. SAMS proxies all the connections, making life easier for users, and keeps an audit trail of all activity - making life easier for you.
For Enterprise Customers
Greater security – the login credentials and connectivity details of all customer equipment will reside in the SAMS server. It is therefore easier for the customer to audit and approve a maintainer’s security system.
Reduced Administration – customer's IT staff will only need to provide external access to specific equipment on the network from one point i.e. the SAMS server. This will reduce their administration workload and associated costs.
Audit trail – SAMS will hold an audit trail of all remote access activity. In the event of a security breach it will enable the identification or elimination of remote maintenance as the source to be completed quickly and efficiently, saving time and cost.
For a Maintainer
Reduced Administration – SAMS will significantly reduce the administration overhead required to manage engineer and third party access to customer premise equipment. Some of the increased efficiencies are outlined below.
Adding equipment – without SAMS the existence of new sites or equipment must be notified to all users who require access to it. This information needs to include the login credentials and connectivity details. With SAMS all that is required is that the details are added to the SAMS database.
Removing equipment – without SAMS all users have to be notified if equipment is removed. With SAMS all that is required is that the details are removed from the SAMS database.
Adding users – without SAMS a new user will need to be told of all the equipment that they have access to. This information needs to include the login credentials and connectivity details. With SAMS all that is required is that the user is given authenticated access to the SAMS database.
Removing users – without SAMS, when a user leaves, all usernames and passwords of every device that they were able to access should be changed; this is an onerous task. With SAMS all that is required is that the user’s details are removed from the SAMS database.
Changing Passwords – for security purposes it is generally considered good practise to routinely change equipment passwords. Without SAMS this can be a long manual process and all users have to be provided with details of the changes to only those sites and equipment to which they have access. With SAMS it is questionable whether the passwords need to be routinely changed. If policy dictates that they do, then there is no need to advise users of the changes as they do not need to know any login credentials.
Third party access – some equipment may be maintained by a third party supplier, who needs to be given access to remote equipment either permanently or on a temporary basis. Without SAMS you will need to either provide a permanent login or change equipment passwords each time a third party has had access. With SAMS you can control third party access in exactly the same way as you control access by your own staff. This not only reduces the overhead of managing third party suppliers but can also reduce the time it takes to respond to an incident.
The use of SAMS will greatly increase the security of your operation, help you to audit activity, increase efficiency and reduce the cost of providing secure remote access. Some of these benefits are outlined below.
Audit trail – when an incident occurs it can be important to know if anyone has accessed a device and caused the problem. Without SAMS it is not possible to be certain of who did what and when. SAMS keeps a full audit trail that will allow you to quickly identify who did what and when. This includes the user and time, with drill-down to show data sent to and received from a device. The audit trail will also allow you to identify where additional training is required.
Security audit – in an increasingly security-conscious world it is important that you can demonstrate that your systems meet ISO or similar standards. Without SAMS you need to give login credentials and connectivity details to individuals, some of whom may be contractors or work for third party companies. You will have to go to considerable lengths to convince your customers that your systems are secure. SAMS holds all login credentials and connectivity details in a secure central database; only administrators will have access to this information. This will allow you to more easily and cost effectively meet ISO standards and provide assurance to your customers.
Third party audit – where equipment is maintained by a third party, you will be held responsible by your customers for all their actions. Without SAMS you will have no idea what they have done and when. With SAMS you can produce a complete audit trail of activity including commands sent to and responses received from equipment.
Restricted access – some remote equipment, e.g. the Data Track Tracker, can be programmed to limit both dial up and IP access to both itself and devices connected to it. Without SAMS this can be very difficult and time consuming to implement; it may prove to be a practical non-starter. With SAMS it is a simple task. All communications are channelled through the SAMS server so that connectivity can be limited to one CLI/ANI number and one IP address.
Without SAMS, users will need some training on how to set up various connections from their laptop or workstation. These will include ASCII, Telnet, SSH, PPP, PPTP, FTP, HTTP, HTTPS and TCP. They will need to know which type of connection to set up for each equipment type and service. With SAMS they can use a standard browser to initiate all connections and services. SAMS will proxy the connection and use the correct protocol. This will greatly reduce the amount of training required by your users and greatly simplify the connection process.