73 results found
-
One time secret password
From all password locations in Atera have a button to send the one time secret password or generate and send a new one. Similar to www.onetimesecret.com.
For customer contacts passwords, have the option to send to that user or another email the tech enters.
For other passwords ask for who to send to.
4 votes -
Atera Hosted SIEM
Atera Hosted SIEM: smaller healthcare clinics, they would like to have the SIEM built in. little agent that is on the computer and its only purpose is to record and checks for vulnerability – makes a record of everything you are doing on the computer (Websites you're going into, connected to the shared, used an app to open), sort of like auditing tool. Something that you can use to catch security breach. It’s becoming more and more important.
5 votes -
Show oudated software via info alert an show what is the new version and give the function to update it right away
Show oudated software via info alert an show what is the new version and give the function to update it right away
2 votes -
2FA Using FIDO Security Keys
Please integrate 2 factor authentication using FIDO keys (i.e. YubiKey or Google Titan). This is already supported by Auth0.
36 votes -
Dashlane integation
Dashlane seems to have risen in popularity since the big LastPass hack. Any chance of a third-party password management tool like Dashlane being integrated with Atera?
2 votes -
External backup to 3rd party - IMMEDIATE ACTION REQUIRED!
Found out today that there is no backup or way to backup from atera.
We need to be able to backup our data away from Atera, I really just wanted to backup the passwords and attachments from a company before we hand over to the new support company but then I found out all the ways Atera's not backing up its own system in case of issues or mistake and I'm honestly horrified!
I need a way to backup the data held by Atera, Can't be reliant on hope and a prayer..
TBH i'm going to check this with one…
37 votes -
Software Inventory to show End of Life software
As other asset managers do, such as Qualys, it is often necessary to find and remove End of Life software from devices. It would be a very nice feature if Atera was able to show End of Life dates for known software, frameworks and plugins in the Software Inventory.
10 votes -
protect sensitive areas
When I'm logged in to atera I have access to a lot of sensitive informations. Also it is possible to run commands or open command prompt with admin / root privileges. It would be nice to set an additional layer of authentication. For example before I get access to command prompt or change a script I have to enter my password again. FIDO Keys would also be nice to use. So I can insert my FIDO smart card while I'm using atera and can authenticate myself before I access sensitive informations. Session hijacking would work but cannot get my physical…
6 votes -
Email Encryption for all outgoing emails from Atera to Users via ticketing.
We often work with users who may need password resets or new account creations. It would be nice to have a built-in feature that allows us to encrypt these types of communications to ensure the safety and security of credentials. Currently, we have to use other software.
10 votes -
Technician Roles to be more specific define
The technician roles section needs to separate permissions more details. There is already an request for a new permission switch to creating knowledge base with full admin role.
But instead of just that, I recommend it should be more sub-control to all areas, such as knowleadge base, SNMP Templates, Alerts and etc, giving the management a flexible to provide more control to the technician.
Having a technician with full admin rights to manage such areas doesn't make sense. Control need to define well for a technician vs admin. Hope to see the enhancement at the soonest.
25 votes -
Atera Back up
Backing up or exporting files: We spend all of our lives backing up things for our customers, feels uncomfortable not to back up our databased. if Atera is hacked and if we don't have a back up and we will have a problem. It would be a facility to have a backup of Atera. It is not about migrating to a new service. Us knowing we have a secure backup every week and every night.
62 votes -
Let us choose which endpoints are excempt from Remote Access (AnyDesk) deployment
By default AnyDesk get pushed to all endpoints (including servers which have the Atera Agent installed). While this is nice for user Machines - it's less then ideal for servers... Give us the option to exclude machines from AnyDesk Deployment. Or better yet: let us choose on which machines (machine type) we want to install anydesk
8 votes -
Only allow login from MAC-addresses.
Its good to have the option to only login in from IP-addresses, but would be a lot more powerful if only allowing login from certain MAC-addresses. This way it has to be your machine you are login into.
Once the admin selects this feature in the admin portal, the change has to be approved with a MFA prompt. So the admin has to have MFA setup before moving on to the MAC-address option. When the approval is granted the MAC-address from the admin computer is automatically added as a approved MAC-address, so not to lock out the admin from the…
1 vote -
Multiple api keys per account
Huge security risk to only have a singly read/write API key - I see there are suggestions for separate read/write one but realistically we should be generating keys per app and have the option to limit the scope to specific features or customers.
The API key gets transferred in the clear on PowerShell scripts to a customer device - so there really needs to be some improvements in this area.
49 votes -
Obfuscate Or Encrypt Scripts [important]
So imo, scripts that are batch or powershell that are ran are stored in the location - C:\Program Files\ATERA Networks\AteraAgent\Packages\AgentPackageSystemTools
Need to be obfuscated or encrypted somehow because they show up in clear text if they are stuck, sometimes these scripts could have a hardcoded password that are needed to work for instance runas etc.... Yeah, I have a script to delete all *.bat and *.ps1 - this is not an answer though.
All it takes is one kid that knows how to work on a vcr to mess things up!
1 vote -
API Key - restrict by IP or FQDN
Configure the IP or FQDN that the API Key can be called from.
6 votes -
2FA Using FIDO Security Keys
Please integrate 2 factor authentication using FIDO keys (i.e. YubiKey or Google Titan). This is already supported by Auth0.
17 votes -
2FA verification on site delete
It is crucial for us to have a 2FA check when deleting bulk of data, such as a site.
7 votes -
Screen Lock
Being able to enforce screen lock times in the portal and not by script would be a great way to ensure security and be able to view that status.
6 votes -
Change linux command prompt / terminal user
Command prompt / terminal is opened as root. It would be great to define another user account which lower privileges. Also the terminal is not working if root has /sbin/nologin set.
2 votes
- Don't see your idea?