Best Practices to Secure the application (ServiceDesk Plus - MSP & Supportcenter Plus)

Best Practices to Secure the application (ServiceDesk Plus - MSP & Supportcenter Plus)

This document is common for ServiceDesk Plus MSP and Supportcenter Plus application

Best practices to avoid threats:
  • Upgrade to the latest version and builds.
  • Reset the password of bundled accounts (administrator and guest)
  • Enable two-factor authentication. 
  • Reset default scheduled backup password 
  • Enable account lock configuration to avoid brute force attack. 
  • Enable periodic backup and store the backup in a remote location. 
  • Disable concurrent login. 
  • Enable HTTPS mode.
  • Need to buy & apply genuine third party SSL certificate. User can apply the genuine SSL certificates under Admin->General->Import SSL Certificate page
  • We recommend to choose strong protocol (TLSv1.2) and ciphers under Admin->General->Security Settings page
  • We recommend to configure necessary security response headers available under Admin->General->Security Settings page
  • We recommend to reset the password of bundled "administrator" and "guest" account password
  • To avoid brute force attack, we recommend to configure the "Configure account lockout threshold and duration" available under Admin->General->Security Settings page. The configuration is used to block the unauthorized access
  • We recommend to enable password polices in Active Directory/SDP MSP application to avoid brute force attack.
  • We recommend to install the SDP MSP application in dedicated server machine to avoid unauthorized access
  • Configure appropriate session timeout for both web and mobile apps.
  • Disable Domain Filtering during login.
  • Enable Antivirus scanning for file uploads if possible.
  • Enable Password Policy.
  • Need to enable password protection for all exported files from SDP MSP application. Can configure this under Admin->Privacy Settings page
  • Enable attachment black/white list configuration to avoid malicious file uploads. 
  • Enable mandatory password reset on the first login. 
  • Disable all non-login features (Approval, Solutions, etc) 
  • Enable password protection for file attachments.

Also, we recommend referring to the below link to secure the instance from security threats. Below is applicable for SDP MSP too.

Please have additional security to protect the instance by installing third-party WAF/Firewall

                    New to ADSelfService Plus?

                      • Related Articles

                      • Implementing secure gateway server for ServiceDesk Plus

                        As per the RBI guidelines, FOS and Secure Gateway Server features are mandatory for all hosted software used in the banking domain. We can achieve a service gateway server in the service desk plus by following the below steps: Steps to Integrate with ...
                      • Best practices for managing old accounts and sites.

                        When dealing with old accounts/sites in Service Desk Plus MSP (SDP MSP), it's essential to follow best practices to maintain a clean and organized database. Managing old accounts/sites efficiently can help improve performance, reduce clutter, and ...
                      • How do I host ServiceDesk Plus MSP on the internet?

                        In order to make ServiceDeskPlus – MSP available for users in Internet, let us assume the following scenarios.   Scenario 1: ServiceDesk Plus – MSP is installed in LAN and should be available in LAN and WAN: Assume ServiceDesk Plus – MSP is installed ...
                      • SCP, SDP and MSP Differences

                        Though ManageEngine has multiple HelpDesk applications, they are developed and targeted for Different markets. Here are few cases to understand the difference between them. HelpDesk Applications in ManageEngine (ME) are as follows :  1. SupportCenter ...
                      • How to integrate ServiceDesk Plus MSP with WhatsApp business.

                        This article provides steps for integrating ServiceDesk plus MSP with WhatsApp (business). Note: This integration is compatible with versions 14600 & above. Before you begin, ensure you've reviewed the following prerequisites: Ensure your ServiceDesk ...