Connectwise Automate MySQL user changes in patch 2021.1
Automate patch 2021.1 includes major changes to application user authentication and the interactions with MySQL. Below we describe what changed and what Automate administrators need to know. What changed? Previously each user in Automate had a matching user in MySQL with the same password. This allowed for integrations and administrators to authenticate to the database […]
Is your Automate server open to the world?
Restricting access to parties that need it is a core tenant of IT security. As IT professionals, if a client wanted to leave well-known management ports (like 22 for SSH, or 3389 for RDP) accessible from anywhere, even with proper lockout measures, we’d likely explain that it’s unwise to do. Our preference would likely be […]
Automate Security: Prevent unauthorized users from being created
In light of the recent security vulnerabilities, many Connectwise partners are starting to monitor Automate for the creation of user accounts in Automate (among other security layers). Like all parts of IT security, more is generally better, and prevention is better than cure. With regards to SQL injection of privileged accounts, we can handle this […]