If you run a support forum, you will soon realize that you cannot answer every query remotely. Often it is necessary that your customer grants you access to the customer system. Several problems can quickly arise when the access data is transmitted:
- Not all necessary access data is transmitted by the customer
- The transmission and storage of the access data took place via an insecure channel (e.g. e-mail or conversation)
- Accesses were not removed after completion of the work
This process is relatively critical, since unauthorized access can quickly lead to the compromise of customer systems.
We have developed a new system that solves exactly these problems and enables secure handling of access data. If you need access to a customer system, there is an explicit request for access data directly in the article. This is limited to the access data which is necessary to solve the problem.
Your customers now have the possibility to store access data explicitly for this request. The passwords and potentially sensitive information are stored asymmetrically encrypted with a public key before being saved in the database. To decrypt the access data, the corresponding private key is required, which is not stored on the server. In the theoretical case that an attacker gets access to our database, the access data cannot be decrypted because the private key is missing. We use the cryptographic encryption standard (RSA 4096 bit, AES-256-CBC) recommended by the German Federal Office for Information Security (BSI) in the technical guideline BSI TR-02102-1 to ensure the highest possible security. After the request has been processed, the access data is deleted from the system. The customer will be informed by e-mail and advised to block or delete access or to change the passwords.
-
5 Stars (2)
-
4 Stars (0)
-
3 Stars (0)
-
2 Stars (0)
-
1 Star (0)
-
Amazing Data Storage
It's really a useful tool for all support communities which need customers credentials to help fixing problems. Therefor I decided to translate the plugin into spanish, portuguese and polish language in order to give more admins the chance to support their costomers in their own lang.
Greets
-
Ein Mehrwert für Supportforen
-
-
T1N0 -
1.0.0 -
April 10, 2020 at 10:10 AM -
Verified purchase
Ein absoluter Mehrwert für Supportforen. Ich finde es sehr gut das Du Deine Erweiterung (Verbesserter Umgang mit Zugangsdaten zu Kundensystemen) mit uns Teilst. Die Einrichtung ist kinderleicht und auch die Anleitung dazu, sollte von jedem verstanden werden.
Danke Peter
-