Security expectations and requirements are a reality for every business. Here at TDi Technologies, our software engineers work hard to ensure that ConsoleWorks meets or exceeds all of the security needs of our customers and prospects.
Since the release of ConsoleWorks Version 4.6 last year, we’ve introduced a number of changes to ConsoleWorks:
- Improved security of CWClient (CWterm) when used in Actions by improving the Authorization method.
- Reduced vulnerabilities between the server and User Interface and between the server and monitored devices by staying current with SSL and SSH security patches.
- Added visibility within the User Interface of last successful login and any failed login attempts.
- Allowed administrators to set the minimum password length to as long as 32 characters.
- Added a new Windows Event Forwarder (WEF) that uses an encrypted and authenticated connection between the server and Windows systems rather than the unencrypted syslog connection of the past.
- Added new password security controls to meet US Government and other requirements: Inactive Password Expiration, Minimum Time Between Password Changes, and Login Lockout after a specified number of failed login attempts.
TDi Technologies uses industry standard development methods including required coding reviews to ensure that new software vulnerabilities are not introduced during the development process. They monitor many sources of information concerning software vulnerabilities and attacks and act to change ConsoleWorks when the need arises.
Requests and inquiries concerning security and ConsoleWorks are given every consideration and almost always result in changes that meet our customers’ needs, especially when related to security standards such as NIST, SOX, NERC CIP, and HIPAA.