IT Glue has beefed up the security and device identification capabilities of its flagship managed services documentation platform, MyGlue password management application, and Network Glue network management solution.
Chief among the additions to the core documentation system is a new passphrase storage tool called “The Vault.” IT Glue’s software automatically encrypts passwords via HTTPS before saving them in its database, and keeps the encryption key in an entirely separate backend location. In the past, the personalized passphrase that each user employs to access encryption keys resided in yet another backend repository. The Vault, however, allows technicians to store passphrases locally instead.
“That passphrase never comes to the IT Glue system,” observes Nadir Merchant, IT Glue’s general manager, who notes that The Vault encrypts and decrypts keys locally too. “It moves the control of encryption entirely into the user’s hands and guarantees that should the IT Glue system be compromised, the attacker is not able to decrypt that password, because they’re missing that key element.”
New as well to IT Glue is the ability to arrange related passwords into folders and then assign folder-level permissions to them. Previously, Merchant notes, technicians had to set permissions for passwords manually. Under the new arrangement, passwords automatically inherit a folder’s permissions as soon as they’re placed there.
Another new feature lets users access one-time passwords for shared administrator credentials protected by multifactor authentication from inside IT Glue or MyGlue, rather than ask the owner of the password to supply it.
A further addition to MyGlue lets end users enter that system with the same single sign-on password they employ to access other applications. The feature integrates with any SSO tool based on the SAML 2.0 standard, including Azure Active Directory, Okta, Duo, OneLogin, and Passly. Introduced in April, Passly is made by ID Agent, which like IT Glue is owned by IT management software maker Kaseya.
Leaning on SSO products for authentication, Merchant notes, spares technicians from having to provision and manage MyGlue accounts for their customers. “For the end user,” he adds, “it simply means they don’t need to remember yet another password. If they have SSO, they can just jump right into MyGlue.”
A new integration with Network Glue allows IT Glue users to document what device each port on a switch is connected to automatically, rather than record that data by hand.
Enhanced capabilities in Network Glue itself announced today include the ability to identify the type and manufacturer of every device on a network map automatically based on an industry standard table of MAC address fingerprints, as well as the ability to discover and display which servers on a network are Active Directory domain controllers automatically. Before, Merchant notes, users could get that information only from within Active Directory itself. “Now they don’t need to log into AD because they can see it right there on our diagram.”
IT Glue’s emphasis on security functionality comes as attacks on MSPs and the systems they rely on are rising. Indeed, 37% of participants in Kaseya’s 2020 MSP Benchmark Survey said they feel more exposed to cybercrime this year than last. Features like The Vault, according to Merchant, are among the ways IT Glue is working to protect the valuable information like passwords in its database.