I've been asked the following questions by our Cyber Security Team to make sure we are compliant with company policies and asked to provide evidence to support these statements.
I know that user logging shows when people have recently logged into DataMiner and that a user can set a logout timer within their own profiles, but I can't seem to find anywhere that I can set a group policy in DataMiner for items 1. & 4., and I'm struggling to find logs that show 2. & 3.
Does anyone have any ideas if these are at all possible and, if so, where I would find the logs showing all the login attempts, whether they be successful or not?
Thanks
Dave
1. Accounts are being locked or blocked for a period of time after a number of predefined unsuccessful log-on attempts.
Screenshot taken after a number of failed logon attempts which demonstrates that the account is locked or logon is temporarily blocked. (Alternatively report from compliance management system which demonstrates that the appropriate system setting is in place.) Confirmation that the number of allowed failed logon attempts until the account gets locked / the system gets blocked is aligned with the relevant policy.
2. Unsuccessful and successful attempts are being logged and security events are raised if a potential attempted or successful breach of log-on controls is detected.
3. Log files from the system showing the unsuccessful logon attempts and screenshot of the resulting security event.
4. Inactive sessions are being terminated or locked after a defined period of inactivity.
Screenshot showing terminated or locked session after a period of inactivity. (Alternatively report from compliance management system which demonstrates that the appropriate system setting is in place.) Confirmation that the timeout limit is aligned with the relevant policy.
Thanks everyone for your help and explanations with this. You've saved me probably a week's work trying to find all these settings and of course the Cyber Security Team will be over the moon that we're in compliance.
Glad we could help!
I think this blog post could also be interesting for you: https://community.dataminer.services/securing-dataminer/
More security topics will be coming soon!
Hi David – is your DataMiner System using Active Directory or maybe another LDAP compatible directory? Or are you running your DataMiner stand-alone? Because I believe this might be relevant in response to your questions. Integration with a directory is recommended, and in that case the actual authentication of the user itself is not done by DataMiner. Just checking what kind of environment / set-up you have.