Security
Security considerations when migrating tools
Every software solution has its own security model and configuration requirements. These can range from internal settings—like user roles and permissions—to external integrations with platforms such as Microsoft Azure, Gmail, or AWS.
When transitioning to a new ITSM platform such as HelpMaster, it’s crucial to not only configure the new system correctly but also to review and decommission any security settings, access credentials, or system permissions related to the previous platform. Overlooking these can lead to unnecessary vulnerabilities, confusion, or security risks.
Key Security Areas to Review
Application-Level Security
- Configure user roles, permissions, and access levels within the new platform.
- Review system administrator access and ensure only authorized individuals have elevated permissions.
- Enable or enforce multi-factor authentication (MFA) if supported.
User Accounts and Authentication
- Determine the authentication method: local accounts, Active Directory, Microsoft Entra ID (Azure AD), or Single Sign-On (SSO).
- Review and disable unused or legacy accounts that are no longer required.
- Ensure password policies align with your organization’s security standards.
File System and Infrastructure Access
- Check file system permissions—ensure only required accounts (e.g., HelpMaster service accounts) have access to necessary directories.
- Secure any uploads or temp folders used by the system.
- Review permissions for shared drives or folders used by previous systems.
SQL Server and Database Access
- Validate database user accounts, permissions, and schemas.
- Review or revoke legacy SQL accounts used by the old system.
- Secure SQL Server backups, scripts, and automated jobs that may reference the old system or have excessive privileges.
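The two review items above (legacy SQL accounts, and jobs that still reference the old system) can be checked with read-only catalog queries. The following T-SQL is an added example, not part of the HelpMaster product or its documentation; `<old-system-name>` is a placeholder for whatever database, login, or path name the previous platform used.

```sql
-- Added example: read-only review of logins and SQL Agent jobs.
-- Run as a principal that can see all server principals and read msdb.

-- 1. Every login, its state, password age, and server-role memberships.
SELECT
    sp.name            AS login_name,
    sp.type_desc       AS login_type,        -- SQL_LOGIN, WINDOWS_LOGIN, WINDOWS_GROUP
    sp.is_disabled,
    sp.create_date,
    sl.is_policy_checked,                    -- NULL for Windows principals
    sl.is_expiration_checked,
    CAST(LOGINPROPERTY(sp.name, 'PasswordLastSetTime') AS datetime)
                       AS password_last_set, -- NULL for Windows principals
    STUFF((
        SELECT ', ' + r.name
        FROM sys.server_role_members AS rm
        JOIN sys.server_principals   AS r
          ON r.principal_id = rm.role_principal_id
        WHERE rm.member_principal_id = sp.principal_id
        FOR XML PATH('')
    ), 1, 2, '')       AS server_roles       -- e.g. sysadmin, securityadmin
FROM sys.server_principals AS sp
LEFT JOIN sys.sql_logins   AS sl
       ON sl.principal_id = sp.principal_id
WHERE sp.type IN ('S', 'U', 'G')             -- SQL login, Windows login, Windows group
  AND sp.name NOT LIKE '##%'                 -- skip internal certificate-based logins
ORDER BY sp.is_disabled, sp.name;

-- 2. SQL Agent job steps that still mention the old system.
DECLARE @legacy nvarchar(128) = N'<old-system-name>';  -- placeholder, replace before running

SELECT
    j.name                   AS job_name,
    SUSER_SNAME(j.owner_sid) AS job_owner,
    j.enabled,
    s.step_id,
    s.step_name,
    s.subsystem,                             -- TSQL, CmdExec, PowerShell, ...
    s.database_name
FROM msdb.dbo.sysjobs     AS j
JOIN msdb.dbo.sysjobsteps AS s
  ON s.job_id = j.job_id
WHERE s.command       LIKE N'%' + @legacy + N'%'
   OR s.database_name LIKE N'%' + @legacy + N'%'
   OR SUSER_SNAME(j.owner_sid) LIKE N'%' + @legacy + N'%'
ORDER BY j.name, s.step_id;
```

Logins that appear in the first result only because of the old system are candidates for `ALTER LOGIN ... DISABLE` first and removal once nothing fails without them.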
Web and Hosting Environment
- Review IIS Application Pool identities and ensure they run under least-privileged accounts.
- Validate SSL/TLS certificates used for secure web access.
- Confirm the new system is hosted securely, whether on-premises or in the cloud.
Cloud Integrations and API Access
- Check Azure Portal App Registrations, API permissions, secrets, and scopes.
- If using Microsoft Graph, Outlook 365, or Gmail for email integration, confirm proper permissions and token lifetimes.
- Revoke access tokens or credentials used by the old system to prevent unauthorized access.
Auditing and Monitoring
- Enable logging, audit trails, and event monitoring in the new system.
- Review existing log file retention policies.
- Ensure your SIEM (Security Information and Event Management) platform is capturing key logs.
Decommissioning the Old System
- Fully remove or isolate the old system if it’s no longer in use.
- Archive necessary data for compliance, then lock down or remove old access points.
- Communicate any changes to stakeholders and end-users to avoid confusion.
Final Tips
- Involve your IT security team early in the transition process.
- Document all access credentials, integrations, and permissions for ongoing maintenance.
- Consider performing a security audit or penetration test after go-live to validate the new environment.