Feature Requests
Share ideas, discuss and vote on requests from other users in community
 
This object is in archive! 

Admin area data protection authentication steps

CDJ HOSTING shared this idea 6 years ago
Under Consideration

I think this is a fundamental concern for all companies, data protection is a very serious matter.

I believe we should be doing everything within our power to ensure that client data is protected bot from external access and also interior, this request will be dealing with on key area that i believe is currently lacking in adequate security steps to provide data protection.

The admin side client area. Understandably there are times when certain things need doing on a clients account. This is just standard business these instances are going to happen.

However, i don't believe that all system admin whether we believe they should be trusted or not, should have access to client data at any time they so choose.

In light of this, I am requesting they WHMCS implement a security measure that many if not all of the large financial institutes use. I know my mobile network provider uses it, both for automated systems and customer service agents.

Client password authentication on the admin side. This means, that to access a clients account, our support staff must first have had contact with the support staff who will ask for to characters from the password that the system asks for.

In this way, they cannot just log into a clients account and make changes, access control panels, Even "log in as client".

Whilst these areas are absolutely critical to what we do so that we can perform our duties promptly, they are most definitely one of the largest data protection concerns on our system and nothing is there address it.

I know that there are issues with what i request, what if its a one person company. Well in this instance they would be using there primary admin account which would not have these steps in force. maybe have a second security pass phrase to disable the checks until log out.

As for what gets protected, this should be decided by the website its on. However, i think certain aspects should not be optional. Any pages that contain client personal data or server login data should be locked at a minumum.

Comments (4)

photo
1

Hackers who hack their account know their password.

photo
1

Michael Dance wrote:

Hackers who hack their account know their password.
Hack whose account? if you are talking about the admin account, this would resolve the issue, if you are talking about the clients account, its simple, keep all data locked from changes on the client side, any changes to the client data have to go through the support desk.

The support desk can only make changes when all these steps are completed:

The client requests it.The client has verified by way of email receipt they are who they say.

To make sure that the emails are not one on the clients local account, enforce a strict off account email policy. This way a hacker getting into a clients account does not have access to the email address used, even if they got into the control panel for the clients hosting account.

All onsite emails should have sensitive data data blocked out, even in a clients account. This way no matter what the only way to verify to the support desk is by actual email receipt.

photo
1

what's wrong with a clear log visible in the client area?

so if an admin change something - the client will be aware what was done and by who?

photo
1

Logging already occurs admin side, And what your proposing is reactive measures, what im proposing is preventative measures. the two could co-exist granted but for this purpose im going to stick on track and hope that the developers implement this.

Maybe then we can push for expansion on the security and its logging features later.