Modifying configurations¶
Securden lets you comprehensively enable, disable, and configure all the features that are part of the solution. You can make necessary modifications to the required features from the Configurations tab available under Admin >> Customization.
Defaults selection¶
When importing users from AD or file, what should be the default role?
While importing users from the Active directory, you can assign role to the users. You have the option to select which role users are imported with. When you click change, it shows the list of default roles and custom roles available. You can choose from the list of roles. The users which gets imported after changing the role will acquire that role.
While importing user groups from AD/Azure AD, do you want to configure automatic synchronization with Securden groups?
You can automatically synchronize the user groups in Securden with that of Active Directory. Automatic synchronization is applicable only for the user groups imported after saving this configuration. When users are added or deleted in AD, the same gets reflected here. You can also define the synchronization interval.
When you click change, a GUI with two options ‘Configure’ and ‘No’ appears. When you select No, automatic synchronization will be disabled. If you select ‘Configure’
A GUI named ‘Configure Automatic Group Synchronization’ appears. You can customize the time interval with which the synchronization should happen. After selecting the time interval click on ‘Save’ to see the changes.
When synchronizing user groups with AD in Securden, do you want to remove the users (from the group) who remain disabled in AD? If you select 'No' for this option, the disabled users in AD will only be disabled in Securden too. They will not be be removed from the respective group.
Securden allows you to remove the imported users who are disabled in the Active directory. If you don’t want them to be removed you can just disable them.
When you click change, a GUI with two options Yes and No appears. If you select Yes, the disabled users in the Active Directory will be removed. If you select No, the disabled users in AD will only be disabled in Securden too. They will not be removed from the respective groups.
Do you want to receive an email alert on the remaining user license count (when you can add less than 5 users)?
Securden allows up to 5 free users. You have the option to receive email alert on the remaining user license when the added user count is less than 5. When you click change, a confirmation box will appear saying Yes and No. You’ll receive email alerts if you select Yes and if you select No, it will be disabled.
Do you want to enable hotkeys?
Hotkeys here are nothing but the shortcut keys used inside the Securden UI. Securden has many hotkeys like ctrl+shift+U for copying account name, ctrl+shift+P for copying password, ctrl+shift+S for opening advanced search etc.
When you click change, a list with options like Enable for all, Disable for all and Customize appears. You can enable hotkeys for a custom list of users by selecting customize. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added below.
You can enable hotkeys for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added below.
Do you want to send email alerts to users on user addition?
Securden sends email alerts to the users upon adding them. It is not mandatory. If you want to disable it, you can do it in the configuration section.
When you click change, it comes with the dropdown that says Yes and No. If you want to send email alerts, you can select Yes and if you don’t want you can select No.
Do you want to send email alerts when users are added in specific roles?
Securden has the flexibility to send email alerts to specific roles. It is totally customizable.
When you click change, it shows options like No and Customize. You can choose from the options given. If you don’t want to send email, you can select No. If you want to customize, you can select customize and make the required customization from the respective section.
Do you want to include the username of the creator and the time of creation as a footer in PDF reports?
Securden allows you to generate reports in the form of PDF. You have the option to include the username of the creator and the time of creation as a footer in PDF reports.
When you click change, a GUI with two options Yes and No appears. If you want to include the details in PDF, you can select Yes. If you don’t want to include the details, you can select No.
Password Policy¶
Would you like to enforce password policy during account addition and local password resets?
Securden allows you to enforce password policy during account addition and local password resets.
When you click change, a GUI with two options Yes and No appears. If you select Yes, password policy will be enforced and if you click No, it will not be enforced.
You can enforce complexity rules for the passphrase to be used for offline access. Select a password policy to be enforced for that purpose.
Securden allows you to create and enforce the complexity rules for passphrase to be used for offline access. You have the option to specify and enforce an existing password policy for the passphrase used to encrypt the offline copy. When you click change, a GUI named ‘Change Password Policy for Offline Access’ appears. You have to enter password policy by clicking the drop- down and click ‘Change policy’ to enforce them.
RESTful API¶
Do you want to allow API access for all users?
Securden allows you to have API access for all users. You can disable it for all and also customize it as desired. All these can be done in the Admin>>Configurations section.
When you click change, a dialog box with four options ‘Allow for all’, ‘Deny for all’, ‘Deny for Users & Auditors’ and ‘Customize’ appears. When you select ‘Allow for all’, all users will be allowed access and if you select ‘Deny for all’, all users will be denied from using API access. If you select ‘Deny for Users & Auditors’, only the Users & Auditors will be denied. If you select customize,
You can enable API access for a custom list of users. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Account Management¶
Do you want to enforce folder selection while adding/editing accounts?
Securden allows you to enforce folder selection while adding/editing accounts. You have the option to enable/disable/customize the folder selection. When you click change, a confirmation box with three options Enable for all, Disable for all and Customize appears. If you select enable for all, the folder selection will be enforced for all the users and if you select disable for all it will be disabled for all the users.
If you select customize, you can enforce folder selection while adding/editing accounts for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added.
Do you want to display the account details page in expanded form by default?
Securden allows you to display the account details page in expanded form by default. You can enable display of account details page in expanded form for a custom list of users.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, It will be displayed for all users. If you select ‘Disable for all’, it will not be displayed for anyone. If you select Customize,
You can enable display of account details page in expanded form for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added.
Do you want to enforce users to provide reason while retrieving passwords?
Securden allows you to enforce users to provide reason while retrieving passwords. If you don’t want to enforce it for all the users and you want to customize it for specific users/Groups, you can go ahead and do it.
When you click change, a dialog box with three options Enable for all, Disable for all and Customize appears. If you select Enable for all, all users will be providing reasons while retrieving passwords and if you select ‘Disable for all’, this option will be disabled. If you select Customize,
You can enforce providing reason while retrieving passwords for a custom list of users . If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added.
Do you want to enforce users to provide reason while launching remote connections using the remote launch icon
Securden allows you to enforce users to provide reason while launching remote connections using the remote launch icon. You can disable it and also can customize it for specific Users/Groups.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’,
You can enforce providing reason while launching remote connections via the remote launch button for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Finally click ‘save’ to show changes.
Do you want to enforce users to provide reason while changing password?
Securden allows users to provide reason while changing passwords. You can disable it for all the users and also can customize it for specific Users/Groups.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears
You can enforce providing reason while changing passwords for a custom list of users . If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘Save’ to show changes.
Do you want to enforce users to provide a reason while deleting accounts and folders?
Securden allows users to provide a reason while deleting accounts and folders. You can disable it for all the users and also can customize it for specific Users/Groups.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears
You can enforce a custom list of users to provide a reason while deleting accounts and folders. If you select ‘Enable’, this configuration will be applicable only to the users/groups added below. If you select ‘Disable’, this configuration will be applicable to all users/groups except the ones added. Click ‘Save’ to show changes.
Do you want to set password change on remote machines as the default option?
Securden allows users to set password change on remote machines as the default options. You can disable it for all the users and also can customize it for specific Users/Groups.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears
You can set password change as a default when logging into remote machines.. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want to display Recently Deleted Accounts by default?
Securden allows users to display Recently Deleted Accounts by default. You can disable it for all the users and also can customize it for specific Users/Groups.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears
You can set password change as a default when logging into remote machines.. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want to restrict the time duration for password access requests as a part of 'Approval Workflow'? Once configured, users will have to specify a time duration (in minutes) within the maximum duration specified
Securden allows an option to restrict the time duration for password access requests as a part of 'Approval Workflow'.
When you click change, a GUI ‘Configure Maximum Time Duration for Password Access’ appears. If you want to restrict time limit, select ‘Restrict Time Duration’ you can specify the upper limit (in minutes) within which users can request access for password and if you don’t want, you can select ‘No restriction’. Click ‘save’ to show changes.
Do you want to deny account addition permission (work accounts) to the users with roles 'User' and 'Auditor'?
Securden have the option to deny account addition permission (work accounts) to the users with roles ‘User’ and ‘Auditor’.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, users with roles ‘Users’ and ‘Auditors’ will be denied account addition permission and if you select No, users will not have any such restrictions.
Do you want to allow users with the roles 'User' and 'Auditor' to import accounts from files?
Securden allows users with the roles ‘Users’ and ‘Auditor’ to import accounts from files. If you don’t want you can just disable it.
When you click change, a confirmation box will appear saying Yes and No.
If you click Yes, users with roles ‘Users’ and ‘Auditors’ will be allowed to import accounts from files and if you select No, users will not have any such permissions.
Do you want to allow users with roles 'User' and 'Auditor' to edit the details of accounts that are shared to them with ‘Manage’ privilege?
Securden allows users with the roles ‘Users’ and ‘Auditor’ to edit the details of accounts that are shared to them with ‘Manage’ privilege. If you don’t want you can just disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, users with roles ‘Users’ and ‘Auditors’ will be allowed to edit the details of accounts that are shared to them with ‘Manage’ privilege and if you select No, users will not have any such permissions.
Do you want to allow users (irrespective of the role) to view the 'Password History' of accounts if the share permissions allow them to view passwords?
Securden allows users(irrespective of the role) to view the 'Password History' of accounts if the share permissions allow them to view passwords. If you don’t want you can just disable it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can allow a custom list of users to view 'Password History' of accounts if they already have view permission. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want to deny account sharing permission to the users with the roles ‘User’ and ‘Auditor’?
Securden have the option to deny account sharing permission to the users with roles ‘User’ and ‘Auditor’. If you don’t want you can just disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, users with roles ‘Users’ and ‘Auditors’ will be denied account sharing permission to the users with the roles ‘User’ and ‘Auditor’ and if you select No, users will not have any such restrictions.
Do you want to enforce selection of a parent folder while adding/editing folders?
Securden allows you to enforce selection of a parent folder while adding/editing folders. If you don’t want you can disable it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can enforce parent folder selection while adding/editing folders for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
During folder creation, do you want to enable 'permissions inheritance from parent folders' by default?
Securden allows you to enable ‘permissions inheritance from parent folders’ by default during folder creation. If you don’t want you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, ‘permission inheritance from parent folders’ will be enabled by default during folder creation and if you select No, it will be disabled.
Do you want to enforce 'permissions inheritance from parent folders', while creating or editing a folder?
Securden allows you to enable ‘permissions inheritance from parent folders’ while creating or editing a folder. If you don’t want you can disable it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can enforce parent folder inheritance for specific users/groups. You can do this by selecting the list of users/groups and enable/disable parent folder inheritance. Click ‘save’ to show changes.
Do you want to restrict users with roles 'User' and 'Auditor' from deleting the accounts owned by them?
Securden have the option to restrict users with roles ‘User’ and ‘Auditor’ from deleting the accounts owned be them. If you don’t want you can just disable it.
When you click change, a confirmation box will appear saying Yes and No.
If you click Yes, users with roles ‘User’ and ‘Auditor’ will be restricted from deleting the accounts and if you select No, it will be disabled.
Upon clicking a folder in the 'Accounts' list view, do you want to show the accounts belonging to its sub-folders?
Securden have the option to show the accounts belonging to its sub-folders upon clicking a folder in the ‘Accounts’ list view. If you don’t want you can just disable it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can enable viewing of accounts belonging to the sub-folders while clicking a folder in the 'Accounts' list view a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want to show the folders tree in collapsed mode on the 'Folders' tab?
Securden have the option to show the folders tree in collapsed mode on the ‘Folders’ tab. If you don’t want you can just disable it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enabled for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can apply this setting for specific users or a group alone. Select the names of users and groups here. If you select 'Enable', this configuration will be applicable only to the users/groups added. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want to show the folders tree structure in 'Accounts' view in compact form collapsing the entries by default?
Securden have the option to show the folders tree structure in ‘Accounts’ view in compact form collapsing the entries by default. If you don’t want you can disable it.
When you click change, a confirmation box will appear saying Yes and No.
If you click Yes, the folders tree structure in ‘accounts’ view in compact form collapsing the entries by default will be shown and if you select No, it will be disabled.
Do you want to allow users to add multiple accounts with the same account title?
Securden allows users to add multiple accounts with the same account title. If you don’t want, you can just disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, users can add multiple accounts with the same account title and if you select No, it will be disabled.
When ticketing system validation is enforced, do you want to enforce ticket ID validation during remote password reset operation?
Securden have the option to enforce ticket ID validation during remote password reset operation when ticketing system validation is enforced. If you don’t want you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, ticket ID validation during remote password reset operation will be enabled and if you select No, it will be disabled.
How long (in days) would you like to keep the recently deleted accounts before permanently deleting them?
Securden allows an option to keep the recently deleted accounts before permanently deleting them for a period of time. You can specify the time period (in days).
When you click change, a GUI appears ‘Recently Deleted Accounts Restoration’. You can specify the maximum number of days the recently deleted accounts to be kept for recovery. During this time window, you will have the option to recover. After that, the accounts will be permanently deleted. At last, click ‘save’ to show changes.
Do you want the system default folders to be shown on the Accounts page?
Securden have the option to show the system default folders on the Accounts page. If you don’t want.
When you click change, a dialog box with two options ‘Yes’ and ‘Customize’ appears. If you select Yes, the system default folders will be shown on the Accounts page and if you select Customize, a GUI appears.
The list of default system folders is shown below. Select the ones that you want to see on the 'Accounts' page. The greyed-out items in the list cannot be disabled.
When searching for folders, do you want to include sub-folders in the search result?
Securden have the option to include sub-folders in the search result when searching for folders. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, sub-folders will be included in the search result when searching for folders and if you select No, it will be disabled.
Do you want allow your users to create their own tags while adding or editing work accounts?
Securden allows your users to create their own tags while adding or editing work accounts. If you don’t want, you can disable it.
When you click change, a dialog box with three options ‘Allow for all’, ‘Deny for all’ and ‘Customize’ appears. If you select ‘Allow for all’, users will be allowed to create their own tags while adding or editing work accounts and if you select ‘Deny for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can enable or disable specific users/groups from creating custom tags. Disabled users/groups will only be able to utilize existing tags while creating/editing accounts. Click ‘save’ to show changes.
Do you want to customize the account details displayed in the 'Accounts' list view?
Securden allows you to customize the account details displayed in the ‘Accounts’ list view. If you don’t want, you can disable it or even customize it. This can be done in the Admin >> Configurations section.
When you click change, a dialog box with two options ‘No’ and ‘Customize’ appears. If you select ‘No’, the account details cannot be customized in the ‘Accounts’ list view. If you select ‘Customize’, a GUI appears.
You have the option to select/deselect the account details displayed in the 'Accounts' list. The Account Title is displayed by default and cannot be disabled. Click ‘save’ to show changes.
Do you want to display the account title shown on the web interface in multiple lines?
Securden allows you to display the account title shown on the web interface in multiple lines. If you don’t want to display, you can just disable it.
When you click change, a confirmation box will appear saying Yes and No.
If you click Yes, the account title shown on the web interface will be displayed in multiple lines and if you select No, it will be disabled.
Remote Connections¶
When launching remote connections using a domain account, a list of FQDN/IP addresses will be displayed to which you can connect. Do you want to show the address of the domain account in the list?
Securden have the option to show the address of the domain account in the list. When launching remote connections using a domain account, a list of FQDN/IP addresses will be displayed to which you can connect. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, the address of the list will be shown in the list and if you want to disable it, you can select No.
When launching remote connections with specific addresses (FQDN/IP Address) using a domain account, do you want to display the list of permitted account addresses a user has access to?
Securden allows you to display the list of permitted account addresses a user has access to, When launching remote connections with specific addresses (FQDN/IP Address) using a domain account. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, the list of permitted account addresses a user has access to will be displayed and if you want to disable it, you can select No.
When launching remote connections using a domain account, do you want to allow users to type the name of IT asset to be connected?
Securden allows users to type the name of IT asset to be connected when launching remote connections using a domain account. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, users will be allowed to type the name of IT asset to be connected and if you want to disable it, you can select No.
Do you want to allow remote Telnet connections? When the Telnet window is opened, Securden fills the credentials (password might get printed on the command window). Telnet protocol has its inherent security limitations that have limited its usefulness in environments where the network cannot be fully trusted. The use of Telnet over the public internet should be avoided as it carries the risk of eavesdropping. Allow this only after carefully considering the security aspects.
Securden have the option to allow remote Telnet connections. If you don’t want, you can disable it.
Do you want to disable any type of remote connections available in Securden?
Securden allows you to disable any type of remote connections available. If you don’t want, you can disable it or even customize it.
When you click change, a dialog box with two options ‘No’ and ‘Customize’ appears. If you select ‘No’, the option to disable any type of remote connections available will be denied. If you select ‘Customize’, a GUI appears.
Securden supports various protocols for launching remote connections. You may enable or disable any protocol as needed. Every connection type listed below is enabled by default, except Windows Telnet & Putty Telnet connections.
To disable a protocol, unselect it from the list below.
If you select to have Telnet connections, you need to additionally enable Telnet connections from Admin >> Customization >> Configurations >> Remote Connections. You can select up to five details to be shown in the details list.
Do you want to enable Bypass alerts from the securden agent when RDP connection is not launched through securden session manager?
Securden allows you to enable Bypass alerts from the securden agent when RDP connection is not launched through securden session manager. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, Bypass agents from the Securden agent will be enabled and if you want to disable it, you can select No.
Do you want to enable the Securden agent to confirm its presence with the server? If yes, specify the time interval in which the agent tries contacting the server.
Securden allows you to enable the Securden agent to confirm its presence with the server. If you don’t want, you can disable it.
You can specify the upper time limit (in minutes) within which the agent should contact the server to confirm its presence, on exceeding which an audit is captured. You can turn it off by selecting disable. Click ‘save’ to show changes.
Export Accounts¶
Do you want to allow your users to export their work accounts as .xlsx file?
Securden allows your users to export their work accounts as .xlsx file. If you don’t want, you can disable it or even customize it. When you click change, a dialog box with three options ‘Allow for all’, ‘Deny for all’ and ‘Customize’ appears. If you select ‘Allow for all’, users will be allowed to export their work accounts as .xlsx file and if you select ‘Deny for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can allow a custom list of users to export their work accounts as .xlsx file. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want to allow your users to export their personal accounts as .xlsx file?
Securden allows your users to export their personal accounts as .xlsx file. If you don’t want, you can disable it or even customize it.
When you click change, a dialog box with three options ‘Allow for all’, ‘Deny for all’ and ‘Customize’ appears. If you select ‘Allow for all’, users will be allowed to export their personal accounts as .xlsx file and if you select ‘Deny for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can allow a custom list of users to export their personal accounts as .xlsx file. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you wish to conceal the password column when users export their work accounts as .xlsx file?
Securden have the option to conceal the password column when users export their work accounts as .xlsx file. If you don’t want, you can disable it or you can even customize it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, the password column will be concealed when users export their work accounts as .xlxs file and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can conceal the password column while exporting work accounts as .xlsx file for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want to allow offline access for your users? If allowed, they will be able to download their data as an encrypted HTML file.
Securden have the option to allow offline access for your users. If allowed, they will be able to download their data as an encrypted HTML file. If you don’t want, you can disable it and you can even customize it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, your users will be allowed offline access and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can allow offline access for a custom list of users. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Privilege Management¶
Would you like to automatically approve admin privilege elevation requests?
Securden allows you to automatically approve admin privilege elevation requests. If you don’t want, you can disable it.
Securden allows you to automatically approve admin privilege elevation requests. If you don’t want, you can disable it. When you click change, a confirmation box will appear saying Yes and No. If you click Yes, admin privilege elevation requests will be automatically approved and if you select No, it will be disabled.
Would you like to allow applications to be elevated with domain admin privilege?
Securden have an option to elevate the applications with domain admin privilege. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, applications will be elevated with domain admin privilege and if you select No, it will be disabled.
Do you want to allow discovery of applications running on endpoints and servers upon installing Securden agents?
Securden allows discovery of applications running on endpoints and servers upon installing Securden agents. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, discovery of applications running on endpoints and servers will be enabled upon installing Securden agents and if you select No, it will be disabled.
On clicking the Securden agent tray icon on endpoints, what options would you like to show?
Securden allows to show the options by clicking the Securden agent tray icon on endpoints. If you don’t want, you can disable it or even customize it.
When you click change, a dialog box with three options ‘Application elevation for endusers’, ‘Technician access’, and ‘Both’ appears. If you select ‘Application elevation for endusers’, only this option will be enabled and if you select ‘Technician access’, technician access option will be enabled in the agent tray icon. When you select ‘Both’, you can avail both options.
Securden agent can fetch the latest changes from the server periodically at a specified interval. Would you like to set that time interval (in minutes) here?
Securden agent can fetch the latest changes from the server periodically at a specified interval. It allows to set that time interval (in minutes) here.
When you click change, a GUI ‘Data Fetch Interval’ appears. You can specify the time interval (in minutes) at which the Securden agent will periodically fetch data from the server. Click ‘save’ to show changes.
Do you want to allow users to edit username on the authentication screen shown by Securden agent?
Securden allows users to edit username on the authentication screen shown by Securden agent. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, users will be allowed to edit the username on the authentication screen shown by Securden agent and if you want to disable it, you can select No.
Securden agent discovers running processes periodically. Do you want to create applications for the discovered processes?
Securden agent discovers running processes periodically. It allows you to create applications for the discovered processes. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, applications can be created for the discovered processes and if you don’t want to disable it, you can select No.
Do you want to display the option to reinstall/upgrade and uninstall the Securden agent on the computer details page?
Securden allows you to display the option to reinstall/upgrade and uninstall the Securden agent on the computer details page. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, the option to reinstall/upgrade and uninstall the Securden agent on the computer details page will be displayed and if you don’t want it, you can select No.
Do you want to send a notification email to all approvers when a request is approved or rejected by a designated approver?
Securden have an option to send a notification email to all approvers when a request is approved or rejected by a designated approver. If you don’t want, you can disable it
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, notification email will be sent to all approvers and if you don’t want, you can select No.
Do you want to enforce authentication to protect the Securden Agent from being uninstalled?
Securden provides an option to enforce authentication to protect the Securden Agent from being uninstalled. If you don’t want, you can disable it.
When you click change, a GUI ‘Set Authentication for Agent Uninstallation’ appears. In that you can enforce a password requirement to prevent users from uninstalling the Securden Agent. To set a password requirement, click 'Yes' and enter a password. By clicking 'No', users will be able to uninstall the Agent directly. The best practice is to set a password to stop the Agent from being uninstalled. Click ‘save’ to show changes.
While creating control policies, do you want to give 'Exclude' users a higher preference than 'All' users? If you choose Yes, a policy that excludes specific users will precede a different policy created for all users.
Securden gives you an option to 'Exclude' users a higher preference than 'All' users while creating control policies. If you don’t want , you can disable it.
When you click change, a confirmation box will appear saying Yes and No.
If you select Yes, a policy that excludes specific users will precede a different policy created for all users and if you want to disable it, you can select No.
Do you want to enable/disable the Securden Agent to be upgraded automatically?
Securden has the option to enable/disable the Securden Agent to be upgraded automatically. If you don’t want, you can disable it.
When you click change, a GUI ‘Configure Agent Auto-Upgrade’ appears. You have the option to upgrade the Securden Agent automatically when a newer version is available. If you Enable auto-upgrade, you need to specify the time slot during which the agent should be upgraded. It is recommended to select a time slot outside your regular business hours. If you Disable auto-upgrade, the agent will not be upgraded automatically. Click ‘save’ to show changes.
Do you want to automatically pull changes from server whenever the user attempts to run applications as administrator using the UAC prompt?
Securden allows you to automatically pull changes from server whenever the user attempts to run applications as administrator using the UAC prompt. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No.
If you select Yes, changes will be pulled automatically from server and if you don’t want, you can disable it.
Do you want to display the Securden privilege elevation popup over the UAC prompt whenever users attempt to elevate applications?
Securden allows you to display the Securden privilege elevation popup over the UAC prompt whenever users attempt to elevate applications. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you select Yes, the Securden privilege elevation popup will be displayed and if you don’t want, you can disable it.
Offline Access¶
Do you want to allow automatic approval for privilege elevation requests if the user is on the automatic approval list?
Securden allows automatic approval for privilege elevation requests if the user is on the automatic approval list. If you don’t want, you can disable it or even customize it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, automatic approval for privilege elevation requests if the user is on the automatic approval list will be enabled and if you select No, it will be disabled.
Do you want to allow offline automatic approval for privilege elevation requests if the user who is raising the request has already generated offline access codes?
Securden allows offline automatic approval for privilege elevation requests if the user who is raising the request has already generated offline access codes.
You can specify the maximum number of codes a user can generate and use to raise approval requests for temporary elevated access in offline scenarios. You can choose to apply this setting for any specific purpose as below. You have the option to specify the maximum time duration the user can have elevated access. Click ‘save’ to show changes.
Do you want to allow users to regenerate offline codes? Even if you choose 'No', Users included in Automatic Approval Policies will be able to regenerate offline codes.
Securden allows users to regenerate offline codes. Even if you choose 'No', Users included in Automatic Approval Policies will be able to regenerate offline codes. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, users will be able to regenerate offline codes and if you select No, it will be disabled.
Do you want to allow privilege elevation in offline scenarios using access codes generated by the admin?
Securden allows privilege elevation in offline scenarios using access codes generated by the admin.
You can choose to allow users to use an Admin-Generated offline code for temporarily elevating specific applications or for gaining full admin access or both. You have the option to specify the maximum time duration the user can have elevated access. Click ‘save’ to show changes.
Temporary Full Admin Access¶
Do you want to restrict the time duration for elevation requests? Once configured, users will have to specify a time duration (in minutes) within the maximum duration specified.
Securden have the option to restrict the time duration for elevation requests. Once configured, users will have to specify a time duration (in minutes) within maximum duration specified.
You can specify the upper limit (in minutes) within which users can request access for elevated access. Click ‘save’ to show changes.
When allowing users to request for extending their elevated access, do you want to specify a restriction on the maximum time duration (in minutes)? If specified, users will be able to ask for an extension within the duration specified.
Securden have the option to specify a restriction on the maximum time duration (in minutes) when allowing users to request for extending their elevated access. If specified, users will be able to ask for an extension within the duration specified.
You can specify the upper time limit (in minutes) within which users can ask for an extension of the elevated access. For example, if you specify 30 minutes, users will be able to request an extension for 30 minutes or less. Click ‘save’ to show changes.
Would you like to configure which privilege elevation requests can be raised by users? If set to 'Full Admin Access', they would only be able to raise requests for full admin access and not for specific applications. If set to 'For a Specific Application', they would only be able to raise requests for accessing specific applications and not for full admin access. To allow raising requests for the two, set the configuration to 'Both'.
Securden allows you to configure which privilege elevation requests can be raised by users.
When you click change, a dialog box with three options ‘Application Access’, ‘Full Admin Access’ and ‘Both’ appears. If set to 'Full Admin Access', they would only be able to raise requests for full admin access and not for specific applications. If set to 'For a Specific Application', they would only be able to raise requests for accessing specific applications and not for full admin access. To allow raising requests for the two, set the configuration to 'Both'.
When you grant temporary full administrator rights, the explorer process would be killed. Would you like to restart it when the user gains administrator rights?
Securden allows you like to restart it when the user gains administrator rights. When you grant temporary full administrator rights, the explorer process would be killed. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, the process will be restarted when the user gains administrator rights and if you select No, it will be disabled.
When granting temporary full administrator rights, would you like to add the user to the administrator group for the session? This will make the user a full administrator for the limited time-duration.
Securden allows you to add the user to the administrator group for the session when granted temporary full administrator rights. This will make the user a full administrator for the limited time-duration. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, the user will be added to the administrator group for the session and if you select No, it will be disabled.
If new administrator users are created when a user makes use of temporary administrator privileges, would you like to remove the newly created user from the admin group?
Securden allows you to remove the newly created user from the admin group, If new administrator users are created when a user makes use of temporary administrator privileges. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, the newly created user from the admin group will be removed and if you select No, it will be disabled.
Technician Access¶
Would you like to configure the MFA system used in the organization to be the additional authentication factor during technician access by users?
Securden allows you to configure the MFA system used in the organization to be the additional authentication factor during technician access by users. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, the MFA system used in the organization to be the additional authentication factor during technician access by users will be configured and if you select No, it will be disabled.
Do you want to restrict the time duration for Technician access? Once configured, users will have to specify a time duration (in minutes) within the maximum duration specified.
Securden have the option to restrict the time duration for Technician access. Once configured, users will have to specify a time duration (in minutes) within the maximum duration specified.
When you click change, a GUI appears. In that, you can specify the upper limit (in minutes) within which users can request access for technician access. Click ‘save’ to show changes.
Personal¶
Do you want to allow your users to manage personal accounts?
Securden allows your users to manage personal accounts. If you don’t want, you can disable it or even customize it.
When you click change, a dialog box with three options ‘Allow for all’, ‘Deny for all’ and ‘Customize’ appears. If you select ‘Allow for all’, users will be allowed to export their personal accounts as .xlsx file and if you select ‘Deny for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can allow a custom list of users to manage personal accounts. If you select 'Allow', this configuration will be applicable only to the users/groups added below. If you select 'Deny', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Browser Extension¶
Do you want to allow automatic submission of credentials for directly logging in to websites using browser extension?
Securden allows your users to export their personal accounts as .xlsx file. If you don’t want, you can disable it or even customize it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, the password column will be concealed when users export their work accounts as .xlxs file and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
When accounts are shared with 'Open Connection' permission, do you want to allow automatic filling of credentials on websites using browser extension?
Securden allows automatic filling of credentials on websites using browser extension when accounts are shared with ‘Open Connection’ permission. If you don’t want, you can disable it or even customize it. This can be done in the Admin >> Configurations section.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, automatic filling of credentials on websites using browser extension will be allowed and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can enable automatic filling of credentials on websites using browser extension when accounts are shared with 'Open Connection' permission for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Do you want the Securden browser extension's auto-fill icon to be present in all input fields of the web pages?
Securden allows browser extension’s auto-fill icon to be present in all input fields of the web pages. If you don’t want, you can disable it or even customize it.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, Securden’s browser extension’s auto-fill icon will be present in all input fields of the web pages for all Users/Groups and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears.
You can enable Securden autofill icon to be filled in all input fields on websites. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘save’ to show changes.
Mobile App¶
Do you want to enable MFA for Securden mobile application?
Securden allows you to enable Multi Factor Authentication for Securden mobile application. You can disable it or you can also customize it for specific Users/Groups.
When you click change, a dialog box with three options ‘Enable for all’, ‘Disable for all’ and ‘Customize’ appears. If you select ‘Enable for all’, it will be enforced for all the users and if you select ‘Disable for all’, it will be denied for all the users. If you select ‘Customize’, a GUI appears
You can enable MFA for Securden mobile application for a custom list of users. If you select 'Enable', this configuration will be applicable only to the users/groups added below. If you select 'Disable', this configuration will be applicable to all users/groups except the ones added. Click ‘Save’ to show changes.
General¶
Do you want to check the Active Directory port before initializing the connection with the AD? If yes, specify the time duration in seconds after which the check times out.
Securden provides an option to check the Active Directory port before initializing the connection with the AD. You can specify the time duration in seconds after which the check times out. If you don’t want, you can disable it or even customize it.
When you click change, a GUI appears. In that, you can specify the time duration (in seconds) within which a response from the Active Directory domain controller is expected. Click ‘save’ to show changes.
Do you want to run password verification schedule everyday?
Securden have an option to run password verification schedule everyday. If you don’t want, you can disable it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, the option to run password verification schedule everyday will be enabled and if you select No, it will be disabled.
Do you want to disable local authentication in Securden? In case, you choose not to allow local authentication, no local user will be able to login into Securden.
Securden have an option to disable local authentication. In case, you choose not to allow local authentication, no local user will be able to login into Securden. If you don’t want, you can disable it or even customize it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, the option to disable local authentication will be enabled and if you select No, it will be disabled.
Do you want to display 'forgot password' option in Securden login GUI? In case, you choose not to allow this, no one in your organization, including the super administrator will see 'forgot password' link.
Securden allows an option to display ‘forgot password’ in Securden login GUI. In case, you choose not to allow this, no one in your organization, including the super administrator will see 'forgot password' link. If you don’t want, you can disable it or even customize it.
When you click change, a confirmation box will appear saying Yes and No. If you click Yes, the option to display ‘forgot password’ in Securden login GUI will be enabled and if you select No, it will be disabled.
Do you want to customize the footer section for emails generated by Securden?
Securden allows you to customize the footer section for emails generated. If you don’t want, you can disable it or even customize it.
When you click change, a GUI appears. In that You have the option to modify the footer section in emails generated by Securden. You can customize the existing copyright text and the footer message. Click ‘save’ to show changes.
How long should the web session be active (in minutes) when things are idle?
Securden allows you to specify the maximum time (in minutes) should the web session be kept active when things are idle. You have the option to keep the session active indefinitely too.
When you click change, a GUI named ‘Change Inactivity Timeout’ appears. In that, you can choose ‘Keep Active Indefinitely’ if you want to keep the session alive or choose ‘Specify Session Timeout’ if you want to customize the maximum time. You have the option to logout the session on closing the browser. You can select the checkbox if you want to enable it. Click ‘save’ in the end.
What should be the default date and time display format?
You can define the specific format in which the date and time should be displayed in the GUI. There is a list of various time and date formats available and you can choose from it.
When you click change, a GUI with a list of date and time display format appears. You can choose the desired format from the list. Click ‘save’ to show changes.
Do you want to disable the Super Administrator role?
Securden has 5 pre-defined user roles which includes user, auditor, account manager, administrator and super administrator. Super administrator is a kind of break glass account. They will not have any access control. They will be able to just view all the data stored in the application. If you don’t want a super administrator role, you can disable it. When you click change, a dialog box comes up with two options ‘enable’ and ‘disable’. If you want a super administrator role you can click enable and if you don’t want, you can disable it.
When you click change, a dialog box comes up with two options ‘enable’ and ‘disable’. If you want a super administrator role you can click enable and if you don’t want, you can disable it.