Nuevas funcionalidades en la v.9404 de Service Desk. RGPD “ready”

by Administrator 5. abril 2018 16:51

La nueva actualización de Service Desk gestiona los datos personales del usuario (técnicos y usuarios finales) de acuerdo a la nueva regulación RGPD (GDPR en ingles). En el modulo de solicitudes, se pueden marcar todos los datos que contienen información personal identificable, facilitando de esta forma el trabajo al administrador para identificar que datos con información personal son almacenados y recopilados en SDP. Ademas, cuando un usuario ejerce su derecho de olvido, los administradores pueden anonimizar los usuarios borrados y borrar sus datos de la aplicación.

Otras nuevas funcionalidades:

  • PM Tasks for Service Request – Plan your preventive maintenance tasks well in advance for service requests as well.

    Find the feature in Admin >> Organizational Details >> Preventive Maintenance Tasks.

  • Custom Trigger Enhancements
    • Execute custom trigger actions for requests that contain replies and for approved/rejected requests.
    • Groups defined under other sites are now listed under criteria.
    • Requester name, sites and technician will now be listed under criteria.
    • Create triggers without any criteria.

    Find the feature under Admin >> Custom Trigger >> Execute Actions.

  • Technician Homepage Enhancements – Customize technician’s home page by adding/organizing widgets, and changing the layout and background color.

    Find the feature under Home >> Customize.

  • Export Requests – Select and export requests right from the list view, in various formats.

    Find the feature under Requests >> Actions.

  • Organize Request Catalog – Easily sequence the templates under the request catalog to suit your requirements.

    Find the feature in Admin >> Service Catalog >> Reorder.

  • Scribble Pad – Make simple, hurried notes in a jiffy using the all-new inbuilt scribble pad.

    Find the feature at the top right corner of the header pane.

  • HTML Editor Enhancements – Edit email notification content as HTML and use $ to add variables to the content.

    Find the feature at Admin >> Notification Rules >> Customise template >> Edit HTML.

  • Health Meter – Assess your application’s health metrics in just a glance from the community tab.

    Find the feature under Community >> Health Meter.

  • Unified Notification Rules – Customize and configure notification rules across modules under a single roof.

    Find the feature under Admin >> Organisation Details >> Notification Rules.

  • Admin Search Enhancement – Experience the enhanced admin search functionality with the categorically listed searched items.

    Find the feature in the Admin section.

  • AMS Renewal – Be notified of the subscription expiry and apply for its renewal, right from the application.

    Find the feature under Technician Profile >> Get your new AMS.

Tags:

iso 20000 | servicedesk

Plugins GDPR para Wordpress

by Administrator 2. abril 2018 16:28

Hola!

Han aparecido 3 plugins, a fecha de hoy claro, relacionados con GDPR

image

image

Vayamos uno por uno, haciendo un breve, breve análisis.

El primero de ellos, el que cuenta con un mayor número de instalaciones activas es WP GDPR compliance.

Para ver sus ajustes vamos a Plugins una vez activo y tenemos estas opciones. Basicamente se integra con los plugins de comentarios que tengamos o los de por defecto de Wordpress

image

image

y un enlace para que aparezca al activarlo a nuestra pagina de privacidad.

image

Luego tenemos WP GDPR

tiene estas opciones

image

hace un interesante listado de los plugins que tenemos instalados que recopilan datos de usuarios. Por ejemplo

image

Dentro de los settings estas son las opciones que tenemos disponibles

image

Por ultimo, GDPR

image

nos gustan cosas de este plugin a nivel de configuracion del mismo pero quizas tiene demasiadas pocas funcionalidades. Como bien dice el plugin ayuda en el analisis de la situacion de un sitio para cumplir con la nueva norma.

Tags:

gdpr | hosting

¿Esta preparado para cumplir con RGPD (GDPR en inglés)?

by Administrator 15. febrero 2018 13:43

La General Data Protection Regulation es el resultado de cuatro años de trabajo de la Unión Europea. La Unión quiere dar un mayor control al usuario sobre como se utilizan sus datos y por otro lado, la Unión desea dar a las empresas un marco legal teóricamente más “clarificador” y unificado en toda la Unión.

Es importante que su compañía realice una recogida adecuada de datos personales asi como un procesamiento seguro de los mismos.

GDPR tiene más de 91 artículos pero las claves están en:

  • Datos personales
  • Brecha de seguridad.
  • Auditoria y conformidad continua

Todas estas áreas que cubre la norma deben poder demostrarse ante un auditor.

Los pasos a dar de forma inicial:

  • Localizar donde tenemos la información, el tipo de información y la localización de la misma.
  • Identificar el riesgo. Aqui entran en juego terminologias habituales de la gestion de riesgos

Las soluciones de Manage Engine y Meytel securizan el procesamiento de datos y los auditan.

Por ejemplo en estos casos:

  • Directorio Activo
  • Acceso a datos en entornos de base de datos
  • Servidores de ficheros
  • Cabinas de almacenamiento
  • Transacciones de correo electrónico Exchange / Office 365
  • Correcto seguimiento y archivado de incidencias, problemas, cambios sobre elementos de su infraestructura.
  • Análisis y archivado de logs de firewalls, dispositivos antispam, dispositivos de red. También disponible en modo servicio (soluciones SIEM).

Esta es una pequeña presentación sobre la problemática GDPR y las soluciones que ofrece el fabricante ManageEngine y que pueden ser implementadas por Meytel.

La Ley

http://www.agpd.es/portalwebAGPD/temas/reglamento/index-ides-idphp.php

La Agencia de Proteccion de Datos tiene una herramienta online que permite ver si nuestra empresa necesita un analisis de riesgos/una mayor profundizacion en las actividades que realiza nuestra compañía relacionadas con el tratamiento de datos.

https://www.agpd.es/portalwebAGPD/canalresponsable/inscripcion_ficheros/herramientas_ayuda/index-ides-idphp.php

    Tags:

    firewall | encriptado | gdpr

    Visto en madrid.es…. la pasarela de pagos en ruso….

    by Administrator 24. enero 2018 17:21

    Iba a pagar ahora una multa de tráfico en la web del ayuntamiento de Madrid, madrid.es, desde

    https://sede.madrid.es/portal/site/tramites/menuitem.1f3361415fda829be152e15284f1a5a0/?vgnextoid=dd7f048aad32e210VgnVCM1000000b205a0aRCRD

    como he hecho miles de veces.

    Al introducir la tarjeta y justamente antes de que tengas que dar a un botoncito para que te llegue el numerito al teléfono y luego meterlo te sale esto….

    No conocemos a esta empresa, modirum que seguramente es una empresa legal, puede que si, pero choca el que aparezca en ruso todo el disclaimer y petición de datos adicionales no?

    La url de la empresa es modirum.com

    clip_image002

    image

    Tags:

    comercio | curiosidades

    MOODLE / Vulnerabilidades enero 2018

    by Administrator 24. enero 2018 15:28

    Moodle quiz web services privilege escalation  MINOR
    https://moodle.org/mod/forum/discuss.php?d=364383

    Moodle filepicker server-side request forgery  SERIOUS
    https://moodle.org/mod/forum/discuss.php?d=364381

    Moodle blocked hosts list security bypass   MINOR
    https://moodle.org/mod/forum/discuss.php?d=364382

    Tags:

    moodle

    Google Chrome comenzara a exigir que nuestra web tenga HTTPS en octubre de 2017

    by Administrator 20. agosto 2017 09:19

    En caso contrario mostrará este mensaje,

    image

    aunque de momento solo mostrará este mensaje en paginas que estén utilizando campos de entrada de texto (input type=text o email) todo apunta a que en un futuro cercano todas las paginas deberán estar bajo protocolo seguro.

    Para que nuestra página funcione bajo protocolo SSL necesitamos tener instalado un certificado SSL emitido por una autoridad certificadora.

    Tags:

    encriptado | web

    Service Desk Plus build 9316

    by Administrator 3. agosto 2017 11:25

    New Features

    • SDF-65167: Request List View Enhancements: Mark request filters as favorite, resize request columns, and view tasks and requests in a single page.
    • SDF-67564: Revamped request history: Option to filter and sort history details of a request using various fields such as status, priority, mode, impact, and level.
    • SDF-42517: Option to automatically close a request when approval is denied – i.e, if the approval status of a request is changed to the “Denied” state. This configuration can be done in Admin >> Request Closing Rules.
    • SDF-65212: Option to merge service requests.
    • SDF-65393: Email reply gets auto merged as conversation based on email header (in-reply-to header). This feature is enabled by default .It can be disabled through the Globalconfig Table in the database. [Parameter=AppendOnRequestReferences].
    • SDF-63883: Live Chat for Users: Allow requesters to have a quick chat with technicians easily.
    • SDF-65278: Advanced analytics integration for ServiceDesk Plus now offers reports and dashboards on change management module. In this update you will get-
      • An overview of upcoming and in-progress changes.
      • Insight into the CAB approval process.
      • Change management dashboard, CAB approval dashboard, business impact analysis and much more.

      Also, Request – MultiSelect additional fields are supported.

    • SDF-28592: Refer settings of one site for configuring another site. Referring site follows the settings of the chosen site. Admin >> Sites >> New/Edit Site.
    • SDF-65039: Option to configure the base delimiter. Admin >> Mail Server settings >> Delimiter.
    • Note: By default, the base delimiter is ## and delimiter for each module is Request-RE, Change-CH, Problem-PB, Project-PJ, Solution-SO, Task-TA, PurchaseOrder-PO, PurchaseRequest-PR, and Contract-CO.
    • SDF-67252 : Scan status with troubleshooting steps will be displayed in details page of SNMP devices too.
    • SDF-51608: Option to list users who are deleted in the active directory. From this list, users can be deleted either manually or automatically.
    • Note: Deleted user data from the remote server cannot be transferred to the central server.

    Tags:

    servicedesk | iso 20000

    Analítica avanzada para su service desk

    by Administrator 22. noviembre 2016 12:37

    La nueva herramienta de análisis de datos para Service Desk Plus, Manage Engine Analytics Plus, permite entender mucho mejor los datos de la gestión del servicio IT. Aunque nuestro foco se centra en su integración con Service Desk Plus, la nueva herramienta de análisis también se integra con Applications Manager y con OPManager y obviamente además de con Service Desk Plus con SupportCenter.

    Hay una demo real en esta dirección y merece la pena pasar unos minutos viendo los informes que se generan.

    https://analyticsplusdemo.manageengine.com/login/login.jsp

    Si desea mas información o integrar con su instalación actual de Service Desk Plus póngase en contacto con nosotros!

    Más info:

    https://www.manageengine.com/es/analytics-plus/advanced-analytics-for-opmanager.html

    Vídeos explicativos donde poder ver la herramienta y funcionalidades

    https://www.youtube.com/playlist?list=PL-ISVwfVARifrw8GEpYIGlPHaSSUitMwS

    Tags:

    iso 20000 | servicedesk

    Nueva política de transferencia de dominios de ICANN

    by Administrator 18. octubre 2016 10:33

    A partir del 1 de diciembre entran en vigor las nuevas normas al transferir dominios gestionados por ICANN (.com, .net, org, etc). Lista completa.

    Cualquier cambio en el nombre, apellidos, organización o dirección de correo electrónico para el registrant (dueño) del dominio iniciará un proceso de transferencia, lo que significa que el el dueño actual y el nuevo tendrán que aprobar la transacción/petición.

    Despues de dicho proceso el nuevo y anterior dueño recibirán notificaciones del cambio sin poder alterarlo.

    Una vez el cambio de registrant/dueño se ha completado el dominio se bloqueará durante 60 días y no se podrán realizar cambios sobre él.

    En esta página viene explicado. Página de OpenSRS uno de los servicios de registro de dominios utilizados por Meytel

    https://opensrs.com/blog/2016/06/icanns-new-transfer-policy-will-impact-business-customers/?utm_source=OpenSRS+Subscribers&utm_campaign=d2e287afc1-Bi-weekly+Digest+-+Feb.+8%2C+2016&utm_medium=email&utm_term=0_cab41038e5-d2e287afc1-141474085

    Tags:

    dominios | ICANN

    Service Desk Plus 9228. Nueva actualización con mejoras.

    by Administrator 4. octubre 2016 12:35
    New features in 9228 (Released on: 29 September 2016)
    • SDF-63023 : Service Catalog can now be obtained as an Add-on for Standard edition.
    • SDF-63419, SD-61445 : Field and Form Rules Enhancements:
      • Ability to copy rules to multiple templates
      • Action to add/remove options from the Pick List field through UI (except Site & Group fields)
      • Action to set values for fields through UI
      • Action to remove the value of fields
      • The introduction of "Email Id(s) to Notify" field
      • The Resource section is hidden when all the questions are hidden
      • Support to access Requester details through scripts
    • SDF-63168 : Option to set Response time for a Service Request and Actions to be taken on escalation of that Request. This is available under Admin>> Helpdesk Customizer>> Service Catalog>> Manage>>Service Level Agreements.
    • SDF-60845 : REST API has been provided for Projects and Milestones.
    • SDF-63812 : Purchase request feature is available in "professional edition".
    • SDF-62965 : Tools action integration between SDP and Desktop Central - Ability to restart, lock, wake on LAN, hibernate, shutdown, initiate chat and view system manager of Windows machines from the machine's details page or request details page if SDP is integrated with Desktop Central.
    • SDF-61108 : Option to 'Search' in all select boxes in 'Request' module.
    • SDF-63576 : Option to add 'Downtime' variable in all Change Notification Templates.
    • SDF-49499 : Option to view Project based Reports has been provided under Reports tab
    • SDF-61158 : Doctool Enhancements:
      • Grey themed UI
      • Operation search and Attribute search
      • 'Group>>Entity>>Operation' Hierarchy in Table of Contents
      • 'Sample response' output for every operation
    • SDF-57541, SDF-62275: Product can receive notifications related to region-specific announcements and events, new build releases and upcoming features for SDAdmin technicians.
    Behaviour changed in 9228
    • SD-51789 : Access permission 'Add' and 'delete' Projects has been provided for a project member who can view Associated Projects.
    • SD-62884 : API version tag is included in failure response of operations in API(XML format only).
    • SDF-61108 : 'Select boxes' have been optimized for better search through out Request module. If the Picklist entries exceed 4000, then Picklist field will load slowly in IE browser.
    • Change Notification Rules:
      • The variables Review ($Review), Change Roles ($ChangeRoles) and individual change roles ($ChangeOwner, $ChangeManager, ..... ) are made common to all type of notifications and will be present in content only.
      • Requested By ($InitiatedBy) is removed from all type of notifications.
      • In "Alert Change Manager, Change Owner, Change Approver, CAB members by Email when any Recommendation is taken on change" notification:
      • Unused variables namely Resolution ($Resolution) and Technician ($Technician) have been removed.
      • The variables Stage ($StageName), Roll Out Plan ($RollOut), Checklist ($CheckList), SLA Name ($SLAName) have been added
      • The variable Old Status ($Status) is replaced with Status ($StatusName)
      • The variable CAB Approval - Submitter ($Submitter) is added to the notification "Submitting a change for recommendation to CAB".
    Issues Fixed in 9228:

    Request

    • SD-63497 : Solution suggestions popup dislocated while creating a new request.
    • SD-63876 : When external images and inline images are present in a description and if the src attribute immediately follows the img tag for the external images, then the content between these images will be lost. ( i.e <img src='image' is an issue but <img height='50' src='image' is not an issue)
    • SD-30943 : Empty page rendered on login for technician without permission to access technician availablity chart.
    • SD-62349 : Custom on hold status doesn't change to open while replying from requester's login.
    • SD-63163 : Not able to add inline images in Admin, Product description field.
    • SD-62666 : Additional line spaces occuring in reply window for default reply template content.
    • SD-62691 : Custom trigger is not executed when a request created by API.
    • SD-63310 : 'Tab' key functionality for moving to next row fields while creating/editing/viewing Request does not work as per its behavior.
    • SD-63389 : Rules and subsequent rules are not applied for Requester login when the rule contains a text type field that is not added for a Requester.
    • SD-62067 : Task configured in Default template is not added to the Request created.
    • SD-49256, SD-62614, SD-62317, SD-62735 : Issue while importing Requests, with field values containing special characters.
    • SD-44732 : The case sensitive parsing issue has been fixed. Introduced an Email Command Parser that identifies parse string in a case-insensitive manner.
    • SD-63469 : Issue in 'contains' search, in default search of Request module.
    • SD-63296 : Status of the Request moves to 'Closed' when only one of the tasks gets closed instead of all tasks, violating the behavior of closing rules.
    • SD-63426 : Notification is triggered to the Technician of the Request stating that all the tasks has been completed although some tasks are left open.
    • SD-62487 : After entering the requester name in requester field, blank page gets loaded in Incident form while changing the template.
    • SD-62820 : Overdue Request in Request summary widget label is shown wrongly as Overdue Task in Dashboard.
    • SD-63280,SD-63281,SD-63282,SD-63283 : Able to access non-permissible functionalities by a low privileged user under Request module.
    • SD-62773 : When 'Notify Requester when a Request is appended with Technician's reply by e-mail' is enabled, then the Requester gets a copy of the mail sent by him, if the Requester is a Technician.
    • SD-63495 : Requests which are not assigned with any technicians are still shown as "Unassigned" (in English) even in other languages when viewed in request list view.
    • SD-62878 : Error while creating/updating a Request on behalf of a Requester, if the Requester name contains special characters.
    • SD-57160 : In Incident SLA, Response time and Resolution time are validated by site based operational hours.
    • SD-62558 : Although 'Column' and 'Criteria' are selected, wrong alert message gets displayed in Request custom view.
    • SD-62737 : Date additional field is tracked as 'long' format instead of 'date' value in the Request history.
    • SD-63376 : Response time gets calculated even after a Request's status is changed as 'Closed'.
    • SD-63462 : Request updates does not get captured in the history if size of the Request description is greater than 64kb.
    • SD-63293 : Unable to view conversation for Notification sent on closing a Request.
    • SD-51213 : Unable to insert approval link $ApprovalLink to a text in approval mail.
    • SD-63183 : Unwanted Alert message gets popped up while clicking 'Create a Service Request'.
    • SD-64055 : Business Rule does not get executed when stages are configured in a Service Template work flow using Service Catalog.

    Change

    • SD-63203 : Unable to send approval mail to the email id which is already included in a stage.
    • SD-61258 : Proper Info message is not provided when roles are not configured in Change Roles tab in Change Template.
    • SD-61267 : Wrong info message 'Change Details saved successfully' is shown instead of 'Change Details and Change Roles saved successfully'.
    • SD-61382 : Able to view Notification rules in Change tab by a Technician with no Admin privileges.
    • SD-61807 : $Reviewer does not get replaced with its intended content. Instead it is replaced with $Review Content in 'Change' Notification content.
    • SD-62088 : Unable to add 'Change closure code' and comments in IE9 via non-login access.
    • SD-63039 : Vulnerability while updating/deleting Change workflow.
    • SD-63040 : Vulnerability while trying to delete Change Template.
    • SD-63304 : Unable to edit the start time and end time for Change down time using inline edit.
    • SD-63324 : Cursor focus does not get focused into comments text box during change recommendation.
    • SD-63879 : Unable to choose content variable for Notification message under Admin > Change Management > Stage and Status
    • SD-63687 : Non login url appears blank while accessing a Change Request, after a completion of change.

    Projects

    • SD-53196 : Project module disabled, but Project role is shown in Requester details page in Standard edition.
    • SD-61171 : Error while trying to view Project Gantt View after exporting as PDF.

    Solution

    • SD-60658 : Issue while importing Date field values in Solutions using XLS.
    • SD-62158 : Solution status does not get changed automatically to "Unapproved" when Adding/Removing attachment from the solution.

    Assets

    • SD-62835 : "Installed on" column value is not proper date format when the list view under Installations tab in software details page is exported.
    • SD-62970 : Exception while changing requester as technician in AE Remote server
    • SD-63169 : Software licenses received from PO shows Internal ID as PO number in its details page.
    • SD-63332 : Unable to search assets with partial name in "Add Relationships" popup.
    • SD-63704 : List view option not displayed under relationships tab of CIs for non-SDAdmin technicians.
    • SD-62209 : Vulnerability in scanned XML file

    Purchase & Contract

    • SD-63554 : The text "Contracts which have expired in the last 30 days" has been changed to "Contracts which have expired in the last 7 days" under contract summary in Home/Dashboard tab.

    Admin

    • SD-62963 : 'Change old status' and 'Migrate to new status' options have been removed from admin details page and left navigation options.
    • SD-56449 : When for a Requester, the password is changed in CSV and the Requester is imported back in ServiceDesk Plus, the password is not reset.
    • SD-60518 : If Priority name is long, then while sorting, it is shown twice (actual value + trimmed value) in the list view. This has been corrected to show only the actual value.
    • SD-63027 : Issue while importing Requesters via CSV through schedule.
    • SD-63263 : Groups belonging to custom sites are not getting listed while configuring the "Allow Exception" rule under the Data Archiving Section.
    • SD-63089, SD-63473 : Unable to access the Survey URL by a user with role other than 'SDAdmin' and 'SDGuest'.
    • SD-45970 : Questions and answers are not sorted alphabetically under Service Template>> Add Resources
    • SD-62508 : Order of Escalation time does not get sorted, when Incident SLA is created with 'Escalate before' and 'Escalate after' options.
    • SD-61977, SD-62533, SD-62910 : Typo error in the phrase 'Choose Technicians' under Admin -> Notification Rules.
    • SD-62905 : Tabs freeze/get highlighted when switched from Requester Tab to Field and Form Rules Tab while updating Service catalog.
    • SD-61266 : Unauthorized access to Change Template's Configuration Wizard by SDSiteAdmin.
    • SD-63703 : Unable to add widget's names using Non-English Languages in 'Customize self service portal settings'.

    Reports

    • SD-62734 : Exception occurs when Tabular Custom Report is generated for all Workstations and Servers.
    • SD-62946 : Request Description field gets truncated to 500 characters when Custom Report is generated.
    • SD-63171 : In report stability settings , 'top 50000' has been added in all queries after the keyword 'select'. If the query contains 'distinct', top 50000 is added between 'select' and 'distinct'.
    • SD-63234 : Multiple columns get merged into one while exporting a Report as XLS file.
    • SD-61576 : Option to add Description field in Custom reports of Projects module.
    • SD-61642 : Decimal field values displayed with currency symbol in Reports.
    • SD-63627 : Unable to generate reports when a non-string based entry is used as 'group by column' in stacked charts.
    • SD-62956 : Unable to view chart in the graph view for certain Reports when maximum limit (default of 18 columns) is reached.

    Performance

    • SD-62549 : Performance optimized while fetching meta data for JIRA fields from server, when large number of projects are configured in JIRA.

    Problem

    • SD-63030 : Issue in updating last modified time under 'Problems' module.
    • SD-63713 : Vulnerability in adding notes for 'Problems'.

    Home

    • SD-43173 : Unable to view day and date on scrolling, when the Technician count increases in Technician availability chart.
    • SD-62650 : Technician unavailability is marked incorrectly when the Leave period contains Daylight Saving Time transition period.
    • SD-63516 : Unable to view Tasks through Dashboard and 'My Tasks' in Home page in some scenarios.

    Others

    • SD-62613 : Exception occurs when Custom Trigger is scheduled to timeout in 30 seconds. It has now been increased to 60 seconds
    • SD-62832 : Translation related issue fixed in Danish language.
    • SD-62618 : Able to update Service Category of the Service Request through API.
    • SD-63227,SD-63213 : Reflected XSS vulnerability issue.
    • SD-63655 : Unable to login to the ServiceDesk Plus application using mobile client (/mc), when the domain name is typed in lowercase.
    • SD-63471 : When a Reply notification with multiple lines is sent with plain text formatting, notification content are shown in a single line.
    • SD-63708,SD-63226 : Attachment name is empty/displayed with only file type in non English characters file.
    • SD-63549 : Error occurs and worklog list view is shown as a blank page randomly.
    • SD-63583 : Upgrade will be marked as failed if 'Access Denied' error occurs when patch is applied.

    Tags:

    servicedesk

    Sobre Meytel

    Meses