Best practices for password management in MyAdmin

Published on January 5, 2017 in Productivity by Harjot Singh

One of the key ways to strengthen data security is to use best practices for usernames and password management. Learn basic steps for keeping data secure.

Geotab continuously strives to evolve and strengthen the security mechanisms and processes in which we operate. We also try our best to do what is right for our clients and help keep their data safe, providing the necessary tools to help our clients manage this. One of the fundamental areas in which steps can be taken to help secure data, is to use best practices for usernames and passwords.

The mantra to “keep passwords unique and complicated” always holds true. However, there are additional steps clients or managers can take in relation to best practices for user accounts for MyGeotab, and other services as well.

Basic Steps to Keeping Data Secure

Routine auditing of all available logins is crucial for businesses. As employees come and go, it is important to keep track of all active accounts, and when particular accounts need to be disabled. Failing to do so results in increased liability and under particular circumstances exposes individuals to potential abuse/tampering of their private data, e.g. in the event of an employee going rogue or the aftermath following employee dismissal.

In addition to this, having team accounts shared between multiple individuals at an organization dissolves clear accountability of what actions individuals perform. Therefore, this practice should be avoided if at all possible.

SAML for MyGeotab

Geotab is currently using Security Assertion Markup Language (SAML) 2.0 in beta. It can be enabled in MyGeotab via the Feature Preview user interface (UI) setting.

Click here for the SAML Set Up Instructions for MyGeotab.

SAML allows an organization to streamline access to external services and/or applications such as MyGeotab. Instead of storing passwords in other services, such as MyGeotab, SAML makes it possible for organizations to have their users log into their own system and get access to MyGeotab (and potentially other services).

Using SAML eliminates the need for individuals to utilize multiple passwords for different services, and enables much easier management of accounts by administrators of an organization. Geotab Support can be contacted for assistance in regards to setting up user access via SAML.

As of the September release of MyGeotab, the System Setting of “Allow Reseller Login” is now live. This option allows clients to turn On or Off the ability for their authorized resellers to login to their customer databases for tier 1 troubleshooting purposes. The default setting on all databases when the feature originally went live was Off. As this feature is still relatively new, select legacy databases/clients (those which were created prior to the feature going live) may have this setting toggled to On at the reseller’s request via Geotab Support. Doing this leaves databases matching the state of affairs prior to the feature being implemented.

Going forward, it is the responsibility of a client to manage the aforementioned feature. All new databases created after September 2016 will have this setting automatically set to Off.

Related:

15 Security Recommendations for Building a Telematics Platform Resilient to Cyber Threats
Geotab’s Security Policy on PCI Compliance
Personal Data Security 101


If you liked this post, let us know!

Subscribe to

Geotab | Blog

Sign up for monthly news and tips from our award-winning fleet management blog. You can unsubscribe at any time.

Notice: This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purpose illustrated in the  cookie policy.  By closing this banner, scrolling this page, clicking a link or continuing to browse otherwise, you agree to the use of cookies.