Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

This page will cover the various options for user management and the authentication and security methods available for accessing ConnectSecure.

Please Note: SMS Gateway is not available.



Add New User

CS-How-To.png

Navigate to Global > Settings > Users and tap the Add button.

image-20240510-201543.png

Complete the required fields, which include the First Name, Last Name, Email, Phone Number, and Role.

Configure Company Level Access

When selecting a ROLE, you can configure the Company Level Access for that Role.

image-20240523-135147.png

You can use the three-dot action menu on the far right to Edit a User, Reset MFA, Delete a user, or access an API Key.

image-20240416-203050.png

The new user will receive an email where they must finish the initialization process by clicking through the email and completing their setup; the actual email example is below.

Email is sent from support@cybercns.com

image-20240209-215113.png

After clicking the 'Finish initialization' button link in the email, the new user will be asked to verify their email, enter the Code from the email (which is pre-filled), and create a new password.

image-20240209-215347.png

Once the password requirements are met, you will see the green checkmarks, and the Next button will illuminate.

image-20240209-215459.png

User Activated confirmation page appears, and the user can click the Next button.

image-20240209-215533.png

Enter your Login Name (the email address used for signup) and password.

New User 2-Factor Setup

You only need to set up one of the following methods, but you can configure multiple options if you choose to do so.

Tap your choice and then the Next button for setup. Below are instructions for the two options.

Authenticator App Method

Select the Authenticator App option, then tap next.

image-20240209-215833.png

Use your smartphone with your authenticator app (Google Auth, Microsoft Auth, Authy, Duo, etc..…), scan the QR code, OR copy the Secret and enter this manually into your app to get your Code to join.

image-20240212-210156.png

Upon entering the Code and tapping next, you should see the 2-factor verified screen to confirm your setup, and tap the Next button to proceed.

image-20240209-220528.png

You will be redirected to the authentication front-end Zitadel (authprod.myconnectsecure.com), where you will see your newly created user account details and options for password and Security, Identity Providers, Authorizations, Memberships, and Metadata.

image-20240209-220718.png

Tap on the Password and Security section on the left panel to view your 2-factor setup and options to configure additional authentication.

image-20240209-220845.png

This completes your setup. You can now visit the ConnectSecure portal and log in at https://portal.myconnectsecure.com. You must provide the tenant name based on your company.


Device Dependent Method

Select the Device dependent option, then tap Next.

image-20240209-221200.png

Enter the name of the security key or device that will be used. In this example, I am using my Windows-based desktop computer, so I am just using the local name of my PC, RS-Steel-Legend; you can use any name you choose.

image-20240209-221403.png

You will be prompted to enter your Windows Security password option configured; in this case, I am using the Windows Hello pin.

image-20240209-221450.png

Once you enter your PIN or alternative password, you will be prompted that the passkey is saved.

image-20240209-221520.png

2-factor verified confirmation appears; tap the Next button to complete.

image-20240209-221547.png

You will be redirected to the authentication front-end Zitadel (http://authprod.myconnectsecure.com), where you will see your newly created user account details and options for password and Security, Identity Providers, Authorizations, Memberships, and Metadata.

image-20240209-220718.png

Tap on the Password and Security section on the left panel to view your 2-factor setup and options to configure additional authentication.

image-20240209-221709.png

This completes your setup. You can now visit the ConnectSecure portal and log in at https://portal.myconnectsecure.com. You must provide the tenant name based on your company.

Please Note: SMS Gateway is not yet configured so the SMS options will not work at the moment.


Reset Password / MFA

This section will review how to use the password and MFA reset options and methods.

Ask Your Admin

If you have another user at your company with Admin permissions, you can ask them for assistance if you need to use the RESET MFA option.

Navigate to Global > User Management and use the three-dot action menu next to the user's name.

image-20240209-214821.png

From the login link (https://authprod.myconnectsecure.com/ui/login/loginname ), tap the Reset Password link.

image-20240212-192042.png

Confirm your email address is correct, then tap the next button.

image-20240212-192206.png

You will receive an email with a link to 'Reset password' as shown below. Tap on the Reset password button.

image-20240212-192507.png

The Code from the email should be automatically inserted into the Set Password screen. If it isn't, please copy and paste it, then set your new password and tap Next.

image-20240212-192743.png

You will see the Password Set confirmation screen; tap the Next button to complete.

image-20240212-192926.png

Upon successful login, you will be prompted to Verify 2-Factor before logging in.

image-20240212-193019.png

You will be prompted to enter your Windows Security, Auth App, or whichever Authentication Providersyou have configured in your tenant.

Upon successful login, you will land on the Zitadel authentication front end; navigate to your portal login screen here: https://portal.myconnectsecure.com to access the application.


Supported Password and Security

ConnectSecure has several methods available for authentication, which are found in the Zitadel portal; log in by visiting https://authprod.myconnectsecure.com, tap the Profile icon under the User icon, or from the sidebar using the Profile icon (must be at Global > Overview to access)

image-20240212-193924.png

Tap to the Password and Security section. You will see your three main options.

  1. Local password

  2. Passwordless Authentication

  3. Multifactor Authentication

image-20240212-194057.png

Passwordless Authentication

Tap the Add method option to add a new Passwordless method.

image-20240212-194406.png

Give the authenticator a name and tap Send Registration Link (1) or Generate QR Code (2).

image-20240212-194605.png

Multifactor Authentication

Tap the Add Factor option to add a new multifactor method.

image-20240212-194659.png

Tap on the desired option, which includes Auth App (TOTP), Fingerprint, Security Keys, Face ID, Windows Hello, or the One Time Password (OTP) email option.

NOTE: To use your phone with SMS, you must verify your phone number first.

image-20240212-194754.png

NOTE: To use your phone with SMS, you must verify your phone number first. See below for help.

image-20240212-195041.png

Assigning Security Roles to Users

What are Security Roles?

Roles are used to assign application permissions and company-level access rights.

Navigate to Global > Settings > Users menu.

image-20240510-201926.png

From the User Management screen, you will see the list of users with details that include First Name, Last Name, Email, Status, Company Access, and Role information.

image-20240510-201959.png

You can use the three-dot action menu to Edit a user and assign a Role.

image-20240510-202039.png

Select a Role and tap Update to save any changes.

image-20240510-202120.png

Default Roles and Security Matrix

ConnectSecure provides the following built-in roles with permissions, as listed in the table below.

Role

Overview

Assets

Vulnerabilities

Compliance

Active Directory

PII

Read

Write

ADMIN

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

ACTIVEDIRECTORYVIEWER

Yes

No

No

No

Yes

No

Yes

No

ACTIVEDIRECTORYWRITER

Yes

No

No

No

Yes

No

Yes

Yes

APPROVER (for suppression approval only)

No

No

No

No

No

No

Yes

No

ASSETVIEWER

Yes

Yes

No

No

No

No

Yes

No

ASSETWRITER

Yes

Yes

No

No

No

No

Yes

Yes

COMPLIANCEVIEWER

Yes

No

No

Yes

No

No

Yes

No

COMPLIANCEWRITER

Yes

No

No

Yes

No

No

Yes

Yes

PIIVIEWER

Yes

No

No

No

No

Yes

Yes

No

PIIWRITER

Yes

No

No

No

No

Yes

Yes

Yes

VULNERABILITYVIEWER

Yes

No

Yes

No

No

No

Yes

No

VULNERABILITYWRITER

Yes

No

Yes

No

No

No

Yes

Yes

In the previous version of ConnectSecure, we had a role called 'ITADMIN,' which is no longer found in V4.

To grant ITADMIN access similarly in V4, you should assign the following roles:

  • ASSETWRITER

  • VULNERABILITYWRITER

  • COMPLIANCEWRITER

  • ACTIVEDIRECTORYWRITER


Company Level Allow/Deny Access Options

You can restrict a user to a specific company or set of companies based on the Security Role assigned.

Select any role, except for Admin, to see those options.

Allowed Companies

image-20240212-205358.png

Denied Companies

Choose the Denied Companies radio option, then select from the Choose Company drop-down.

image-20240212-205459.png

API Key

You can obtain an API Key from the Member by navigating to Global > Overview/Dashboard > Users >User Management > tap the three-dot Action menu > API Key.

image-20240416-203556.png

This will display your Client ID and Client Secret values.

image-20240416-203625.png

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

image-20240206-144508.png

  • No labels