This page will cover the various options for user management, as well as the authentication and security methods available for accessing ConnectSecure. Table of Contents
Add New User
Navigate to your Global Dashboard then, on the side toolbar, tap the User Management icon.
...
Tap the Add button to create a new user.
Info |
---|
If you do not see the User Management icon, you do not have the necessary permissions. |
...
Complete the required fields, which include the First Name, Last Name, Email, Phone Number, and Role.
...
Note |
---|
If you select the Role as ADMIN for the new user, that user will have full access to ALL companies. If you need to restrict a user's access to companies, you must select any role aside from ADMIN to see the Company Level access options. |
...
You can choose an Allow or Deny option using the radio selection, then use the Choose Company drop-down to select which companies apply, or choose the All Companies option.
...
Info |
---|
If you do not see the Company Level Access options, please check the selected Role is not ADMIN. |
After a successful save, you should see the message box.
...
You will then be returned to the Users screen, where the newly created user should appear in the list with the configured options.
...
Use This page will cover the various user management options and the authentication and security methods available for accessing ConnectSecure.
Note |
---|
Please Note: SMS Gateway is not available. |
Tip |
---|
All data is stored in Postgres with row-level security, and the managed database is encrypted at rest. Sensitive information is encrypted at the application level using AES 256 Ferner encryption. |
Info |
---|
Once a password is entered and saved, the next time you view/edit that option, the password will display blank by design. |
...
Table of Contents | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
Add New User
...
Navigate to Global > Settings > Users and tap the Add button.
...
Complete the required fields, which include the First Name, Last Name, Email, Phone Number, and Role.
Configure Company Level Access
When selecting a ROLE, you can configure the Company Level Access for that Role.
...
You can use the three-dot action menu on the far right to Edit a User, Reset MFA, or Delete the usera user, or access an API Key.
...
The new user will receive an email where they must finish the initialization process by clicking through the email and completing their setup; the actual email example is below.
...
After clicking the 'Finish initialization' button link in the email, the new user will be asked to verify their email, enter the Code from the email (which is pre-filled), and create a new password.
...
Once the password requirements are met, you will see the green checkmarks, and the Next button will illuminate.
...
User Activated confirmation page appears, and the user can click the Next button.
...
Enter your Login Name (the email address used for signup) and password.
New User 2-Factor Setup
Info |
---|
You only need to set up one of the following methods, but you can configure multiple options if you choose to do so. |
Tap your choice and then the Next button for setup. Below are instructions for the two options.
Authenticator App Method
Select the Authenticator App option, then tap next.
...
Use your smartphone with your authenticator app (Google Auth, Microsoft Auth, Authy, Duo, etc..…), scan the QR code, OR copy the Secret and enter this manually into your app to get your Code to join.
...
Upon entering the Code and tapping next, you should see the 2-factor verified screen to confirm your setup, and tap the Next button to proceed.
...
You will be redirected to the authentication front-end Zitadel (authprod.myconnectsecure.com), where you will see your newly created user account details and options for password and Security, Identity Providers, Authorizations, Memberships, and Metadata.
...
Tap on the Password and Security section on the left panel to view your 2-factor setup and options to configure additional authentication.
...
This completes your setup, and you can now visit the ConnectSecure portal and log in at https://portal.myconnectsecure.com - you must provide the tenant is pre-filled), and create a new password.
...
Once the password requirements are met, the green checkmarks and the Next button will be illuminated.
...
The User-activated confirmation page will appear, and the user can click the Next button.
...
Enter your Login Name (the email address used for signup) and password.
New User 2-Factor Setup
Info |
---|
You need only set up one of the following methods, but you can configure multiple options if you choose to. |
Tap your choice and then the Next button for setup. Below are instructions for the two options.
Authenticator App Method
Select the Authenticator App option, then tap next.
...
Use your smartphone with your authenticator app (Google Auth, Microsoft Auth, Authy, Duo, etc...…), scan the QR code, or copy the Secret and enter it manually into your app to get your Code to join.
...
Upon entering the Code and tapping next, you should see the 2-factor verified screen to confirm your setup. Tap the Next button to proceed.
...
You’s name based on your company.
...
Device Dependent Method
Select the Device dependent option, then tap Next.
...
This completes your setup, and you . You can now visit the ConnectSecure portal and log in at https://portal.myconnectsecure.com - you . You must provide the tenant name based on your company.
Note |
---|
Please Note: SMS Gateway is not yet configured so the SMS options will not work at the moment. |
...
Reset Password / MFA
This section will review how to use the password and MFA reset options and methods.
Ask Your Admin
If you have another user at your company with Admin permissions, you can ask them for assistance if you need to use the RESET MFA option.
Navigate to Global > User Management and use the three-dot action menu next to the user's name.
...
Once Reset MFA is initiated, The user can navigate to the login screen, enter their password, and they will then be prompted to set up their MFA
...
Self-Service Using Reset Password Link
From the login link (https://authprod.myconnectsecure.com/ui/login/loginname ), tap the Reset Password link.
...
You will receive an email with a link to ‘Reset password’ 'Reset password' as shown below. Tap on the Reset password button.
...
The code Code from the email should be automatically inserted into the Set Password screen. If it isn't, please copy and paste it, then set your new password and tap Next.
...
You will see the Password Set confirmation screen, ; tap the Next button to complete.
...
Upon successful logonlogin, you will be prompted to Verify 2-Factor before logging in.
...
Upon successful login, you will land on the Zitadel authentication front end; navigate to your portal login screen here: https://portal.myconnectsecure.com to access the application.
...
Supported Password and Security
ConnectSecure has several methods available for authentication, which are found in the Zitadel portal; login log in by visiting https://authprod.myconnectsecure.com, tap the Profile icon under the User icon, or from the sidebar using the Profile icon (must be at Global > Overview to access)
...
Tap to the Password and Security section. You will see your 3 three main options.
Local password
Passwordless Authentication
Multifactor Authentication
...
Passwordless Authentication
Tap the Add method option to add a new Passwordless method.
...
Give the authenticator a name and then tap either Send Registration Link (1) or Generate QR Code (2).
...
Multifactor Authentication
Tap the Add Factor option to add a new multifactor method.
...
Tap on the desired option, which include includes Auth App (TOTP), Fingerprint, Security Keys, Face ID, Windows Hello, or the One Time Password (OTP) email option.
...
Info |
---|
NOTE: To use your phone with SMS, you must verify your phone number first. See below for help. |
...
Assigning Security Roles to Users
Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
What are Security Roles? Roles are used to assign application - permissions and company-level access rights. |
Navigate to Global > Overview > Dashboard, then tap the User Management iconSettings > Users menu.
...
From the User Management screen, you will see the list of users with details that include First Name, Last Name, Email, Status, Company Access, and Role information.
...
You can use the three-dot action menu to Edit a user and assign a Role.
...
Select a Role and tap Update to save any changes.
...
Roles are assigned during new user creation which is is found here:
...
a Role.
...
Select a Role and tap Update to save any changes.
...
Default Roles and Security Matrix
Info |
---|
NOTE: The role ‘approver’ is used for approval of suppression on vulnerabilities; so this refers to the approval of suppression |
ConnectSecure provides offers the following built-in predefined roles with permissions access to the data listed in the table below.:
Role | Overview | Assets | Vulnerabilities | Compliance | Active Directory | PII | Read | Write |
---|---|---|---|---|---|---|---|---|
ADMIN | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
ACTIVEDIRECTORYVIEWER | Yes | No | No | No | Yes | No | Yes | No |
ACTIVEDIRECTORYWRITER | Yes | No | No | No | Yes | No | Yes | Yes |
APPROVER |
No |
No | No | No | No | No | Yes | No | ||
ASSETVIEWER | Yes | Yes | No | No | No | No | Yes | No |
ASSETWRITER | Yes | Yes | No | No | No | No | Yes | Yes |
COMPLIANCEVIEWER | Yes | No | No | Yes | No | No | Yes | No |
COMPLIANCEWRITER | Yes | No | No | Yes | No | No | Yes | Yes |
PIIVIEWER | Yes | No | No | No | No | Yes | Yes | No |
PIIWRITER | Yes | No | No | No | No | Yes | Yes | Yes |
VULNERABILITYVIEWER | Yes | No | Yes | No | No | No | Yes | No |
VULNERABILITYWRITER | Yes | No | Yes | No | No | No | Yes | Yes |
No
Yes
No
No
No
Yes
No
VULNERABILITYWRITER
Yes
No
Yes
No
No
No
Yes
Yes
Info |
---|
In the previous version of ConnectSecure, we had a role called ‘ITADMIN’, which is no longer found. To grant ITADMIN access similarly in V4, you should assign the following roles:
|
Company Level Allow/Deny Access Options
...
Note |
---|
In the previous version of ConnectSecure, we had a role called 'ITADMIN,' which is no longer found in V4. To grant ITADMIN access similarly in V4, you should assign the following roles:
|
To use RMM integrations and allow company mapping access, the user is only required to have the ‘assetwriter’ role assigned
Info |
---|
...
Company Level Allow/Deny Access Options
You can restrict a user to a specific company or set of companies based on the Security Role assigned.
Allowed Companies
...
Denied Companies
Choose the Denied Companies radio option, then select from the Choose Company drop-down.
...
API Key
You can obtain an API Key from the Member by navigating to Global > Overview/Dashboard > Users >User Management > tap the three-dot Action menu > API Key.
...
This will display your Client ID and Client Secret values.
...
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
...