Skip to main content
Version: 8.5.X

Security

Security deals with securing the application from inside and outside threats. This section enables you to view the different audit logs, user sessions as well as configure the various security policies. You can also blacklist certain IP Addresses from accessing the ServiceOps Portal.

To view the Security page, navigate to Admin > Organization > Security.

It consists of the following tabs:

Configuration Audit

This tab displays the configuration summary along with the audit logs about all the technical changes. You can also download the summary in PDF or Excel format if required.

Configuration Audit

From this page, you can perform the below tasks:

  1. Filter: You can select the date range, user, event, and IP Address based on which the log data is to be filtered.
  2. Refresh: You can refresh the log list to sync and get the latest activities.
  3. Download: You can download the summary in PDF or Excel format.

Tenant Audit

This tab displays the summary of the changes made in the tenant configuration.

note

This tab is available only if Tenant Management feature is enabled in the license.

Tenant Audit

From this page, you can perform the below tasks:

  1. Filter: You can select the date range based on which the log data is to be filtered.
  2. Refresh: You can refresh the log list to sync and get the latest activities performed in the tenant section.

Operation Audit

This section displays the changes made in the application along with the details. You can view the logs based on the selected module.

Operation Audit

Here, you can filter the logs based on the selected module. Also, you can set the number of records to be viewed per page.

PII Audit

This tab enables to view the audit of the PII events as per the selected filter. You can filter the data based on the selected date range. Uou can also refresh the audit list to view the latest updates.

Email Audit

This tab enables to view the details of the emails sent like Event, Event Time, Email Server, Sender/Recipient, Subject, Status, Message ID, and Change Summary. Here, you can perform the following actions:

  1. View the audit as per the selected filter. You can filter based on date range, event, email server, and status.
  2. Refresh the audit list to view the latest updates.
  3. Download the audit entries in PDF and Excel format.

Email Audit

Password Policy

This tab enables you to add validations for the password to increase its security. The Password Policy is a preventive measure to keep the threats off the bay. You can either make it simple or complicated as per the organization's needs. There are default

The configurations are available based on their type, i.e. High, Medium, and Low. Also, a custom policy can be created if required. If "Privacy Regulations" is enabled, the Custom policy will be selected by default. If disabled, the existing configurations will be available in the Custom Policy.

note

You can neither copy anything from the password field nor paste anything into it.

Password Policy

You can configure the below parameters for the password:

Parameter            Description
Password PolicySelect the type of policy to implement. The options are: Custom, High, Medium, and Low.
Password Min LengthEnter the required minimum length of the password.
Minimum Upper Case CharacterEnter the minimum number of upper case characters required in the password.
Minimum Lower Case CharacterEnter the minimum number of lower case characters required in the password.
Minimum Numeric CharacterEnter the minimum number of numeric characters required in the password.
Minimum Special CharacterEnter the minimum number of special characters required in the password.
Password Expiry

Select the option when you want the password to expire. The options are:

- Never

- Every 15 Days

- Every 30 Days

- Every 60 Days

- Every 90 Days

Based on the selected option, the password will expire and you are required to reset it.

Do not allow users to use previous passwordsEnable if you do not want the user to use previous passwords again.
Previous PasswordsIf the above option is enabled, enter the number of previous passwords which cannot be used. For example, if 2 is entered, the user will not be allowed to set the last 2 previously used passwords.
Cannot be same as UsernameWhether the password can be same as the username or not.

Once done, click Update to apply the policy.

User Security

This tab enables you to enhance the security of the user accounts. You can set the two-factor authentication, lock user account, allow concurrent login, allow to use Google account to login, and use captcha. Also, you can set the session timeout parameters.

User Security

The parameters are:

Parameter                  Description
Enable two-factor authenticationEnable if you want to use the two-factor authentication method to login. Once enabled, select the Authentication Type that you want to use. The options are:

- Email: Along with the credentials you need to enter the OTP sent on the registered email address, to login to the portal. To receive the OTP, you need to configure an outgoing mailbox.

- Authenticator App: Along with the credentials you need to enter the code generated by the authenticator app. For more details, refer to the topic "How to use Authenticator App".

Once selected, the main Super Admin will have the options to regenerate recovery codes and reset two-factor authentication.
Lock user account after failed login attemptsEnable if you want to lock the user account once the limit of the failed login attempts exceeds. If enabled, specify the number in the Failed Login Attempts field.
Session TimeoutEnable if you want to configure when the session should timeout. If enabled, provide the Session Idle Time and Session Timeout in hours or minutes. Once, the idle session timeout duration is exceeded, the user's session will automatically close, and the login page will appear.
Allow Concurrent User Log InEnable if you want to allow the users to have concurrent sessions.
Allow user to login with Google accountEnable if you want to allow the user to use the Google Account to login to the portal. If enabled, enter the unique Google Web Client ID using which the user can login. This client ID can be generated by creating an Oauth2.0 Client ID from the Google Cloud Console. For more details, refer to the Configuring Gmail as Authentication Server section steps 4 to 10.

User Security

Enable Captcha

Enable if you want to use the Captcha on the login screen. Once enabled, provide the following inputs:

- Captcha Type: You can select either Online or Offline type of captcha to be used. If Online is selected, enter the Site Key, Secret Key, and select the Proxy Server if required.

Enable Captcha for

Select the page(s) on which you want to use the captcha. The options are:

- Guest User Request Creation Form

- Login Page

- Requester Self Registration Page

- Forgot Password Page

Once selected, the captcha will be available on the respective page.

Once all the settings are configured, click Update.

How to use Authenticator App?

To use the Authenticator App for Two-Factor Authentication:

  1. In ServiceOps, go to Admin > Organization > Security > User Security, and enable the Authenticator App option for the two-factor authentication field.
  2. Login to the ServiceOps portal. Once the credentials are entered, the Setup Two-factor Authentication screen will appear as shown below. This screen appears if you have not enrolled the authenticator app.

User Security

  1. In your mobile phone, install the desired authenticator app from the App Store. You can find the recommended apps list in the above figure.

  2. In the App, choose to add an account, and scan the QR code displayed on the screen. You can also use the code available by clicking the link "Can't scan the QR code?".

  3. Enter the Verification code displayed in the app to Confirm setup.

User Security

  1. The Recovery Codes will appear. You can either download or copy these codes in a separate text file. You can use these codes when you cannot access the app from your phone. Recovery codes can be used only once, after which they will become invalid. Tap Finish Setup.
note

The user will get enrolled for two-factor authentication even if the Finish Setup is not clicked.

User Security

  1. On the portal, enter the code generated by the Authenticator App, and Verify it.

User Security

  1. If you face any issue in accessing the code, you can use any of the below options:
  • Use a Recovery Code: Click to use a recovery code for authentication. A popup will appear where you need to enter the recovery code and verify it.
    note

    The main Super Admin can regenerate the recovery codes from the Edit Profile page, if the codes are about to get used or the app code is inaccessible.

  • Reset Two-Factor Authentication: Click to reset the Two-Factor Authentication account linked with the technician. Once clicked, enter the OTP sent to your registered email address, and verify it.
    Once verified, the login screen will appear.

User Security

  1. Now, you need to enter the credentials on the ServiceOps portal, and login.
  2. Once signed-out, next time when you login again, along with the credentials you will only have to enter the authentication code received from the app.

User Sessions

This tab displays the login sessions of the users along with their details. The details include Name, Email, Logon Name, Login Date, Login IP Address, and Login Platform (Browser or Mobile App). This helps to keep a track of the users who are logged in to the portal and Mobile App. All these details can be downloaded in PDF and Excel format. Also, you can terminate any session if required using the red Terminate Session icon from the Actions column.

User Sessions

IP Address Restriction

This tab displays a list of IP Addresses configured to allow access to the ServiceOps Portal. If the IP Address of the user is within the configured range, the user will be allowed to sign-in to the portal. If it is outside the configured range, the user will be restricted from signing-in with a message, "You are not allowed to login from current location".

IP Address Restriction

  • All the activities performed here will be logged and displayed in the Configuration Audit section. Also, if the user fails to sign-in due to the IP Address Restriction, the details will be displayed in the Configuration Audit.
  • You can also create a new IP Address Restriction table configuring the range as well as other details as below:

Create IP Address Restriction button

Create IP Address Restriction Page

Enter the following details:

  • Name: Provide the name of the IP Address Restriction list.
  • IP Address Restriction Type: Select the type of IP Address to be restricted. Options available: IPV4 and IPV6.
  • IP Range Type: Select the IP Range Type as:
    • Specific Range: Provide the IP Address Range by mentioning the IP Range Start and IP Range End.
    • Comma Separated IPs: Provide the list of IP Addresses separated by comma.
  • Restricted User Type: Select the type of users to be restricted. Available Options are: All Users, Requester, and Technician.
  • Description: Provide a brief description about the list.

Click Save and the IP Address Restriction list will be visible.

Enable/Delete/Edit

  • Enable/Disable: Enable or Disable a list for the Restriction. If enabled the list will be applied to the users and accordingly allowed to sign-in.
  • Edit/Delete: You can edit or delete the list from the Actions column.

Scheduled Operation Audit

This section displays the audit logs of the scheduled archiving and purging operations. Once the scheduler is executed, the audit entry appears in this tab.

To view the audit, select the time range and module whose details you want to view.