SuiteGuard is an integrated solution hosting a powerful security tool set that effectively protects your SuiteCRM system.
SuiteGuard delivers 7 levels of protection for your SuiteCRM system
Security experts agree that both internal and external threats are equally dangerous to your company's security. The most significant benefits can be gained from using a CRM when the users can take full advantage of the program without strict restrictions on rights and roles. However, this poses risks in terms of potential security leaks of the data in the CRM. Unfortunately, SuiteCRM is also not protected against external brute force or dictionary type attacks. SuiteGuard was developed to offer an integrated solution for the protection of your CRM.
Level 1 – Protect yourself against external bot attacks.
Level 2 – Register and analyse internal user access to CRM data to protect against data leaks. Limit daily Edit and Detail views to prevent CRM data scraping.
Level 3 – Limit SuiteCRM system availability to your company intranet.
Level 4 – Protect against intentional or accidental deletion of data.
Level 5 – Ensure GDPR compliance.
Level 6 – Allow admins to log on to any user account without interruption to work (Sudo functionality).
Level 7 – Make different fields available in Edit and Detail views to users by Groups.
Features and Benefits Explained
Level 1 - Protect yourself against external bot attacks.
Brute force is one of the most common types of attack. During such attacks, automated bots attempt to log into your system by automatically trying various passwords until they find one that works. A more sophisticated type of brute force attack is when bots try to guess sets of characters, words, or commonly used password combinations from specially prepared lists – called dictionaries. SuiteGuard will block all attempts to log in from a specific IP address after several failed login attempts. Only the system administrator can then unblock the specified IP address using the module settings of SuiteGuard.
Level 2 - Register and analyse user access to sensitive data to prevent data leaks.
The SuiteCRM rights and roles system allows you to control access to records. However, to ensure workers are not overly restricted and enable them to work efficiently, users are often allowed to see large amounts of data. Data leaks can only be effectively avoided by logging each time a data record is reviewed, together with a properly prepared NDA agreement. In SuiteGuard, a button appears in the Detail View form of each module, which makes it possible to see who viewed the data and when. This option can be displayed for the administrators or all users, depending on the settings selected.
Level 3 - Limit SuiteCRM system availability to your company intranet.
This is probably the best approach in terms of security. SuiteGuard can ensure that your CRM can only be accessed at work or via remote workstations equipped with a VPN network. In this scenario, you can give permission to log in to the CRM only from specified IP addresses ("White list").
Level 4 - Protect yourself against intentional or accidental deletion of data.
Whether the data was deleted intentionally or accidentally, you can easily restore it with SuiteGuard!
Level 5 - Ensure GDPR compliance.
The European Union's General Data Protection Regulation (GDPR) came into effect on 25 May 2018. An article published by SuiteCRM provides information on GDPR compliance. The SuiteGuard plugin ensures two fundamental requirements of the GDPR are met: the first is logging all views of personal data, and the second is permanently removing personal data when requested. With SuiteGuard, you can easily manage access to personal data and ensure the protection of important information. At the request of individuals, you may also permanently delete their data, which cannot be restored. This is a necessary condition under the requirements of the GDPR.
Level 6 – Allow admins to log on to any user account without interruption to work (Sudo functionality)
To see if the roles are configured correctly, SuiteCRM admins often need to log on to users' accounts to check users' complaints about CRM performance and many other issues. Sudo functionality allows the admin to do this without interruption to the user. Enter the username and admin password on the login screen, and you will see exactly the same screen that the user sees.
Level 7 - Make different fields available in Edit and Detail views to users by Groups
Put fields that must be available to special user groups in a Detail or Edit view panel whose name contains @SpecialGroup. This panel will be hidden from all users except those who belong to SpecialGroup or have admin permissions. Put fields that must be hidden from special user groups in a Detail or Edit view panel whose name contains #SpecialGroup. This panel will be hidden from users who belong to SpecialGroup.
SuiteGuard button in Detail View