This is fully explained in How We Handle Your Data. Please also refer to our SLA in the Trust Center.
For more information on how Admin By Request meets its compliance obligations and helps your organization do the same, refer to Compliance Mapping.
The only people who can see devices in your tenant are the primary login that was first used to register with Admin By Request and the users listed in the portal under Logins > User Logins.
The installer file downloaded from the portal is unique to your tenant. Depending on the target operating system, it can be an executable file, a package or a script and it is signed with a license that applies only to installers downloaded from the tenant in which you are currently logged-in. The same license file is applied to each of the operating system client installers: Windows, macOS, Linux and Server.
This is true for free plans as well as paid plans.
When installed on an endpoint, once the endpoint connects successfully, you will see in real time the status of the endpoint in your Inventory, which is also unique to your tenant. You will not see other endpoints installed with files downloaded from other tenants - this is simply not possible.
Which IP addresses are endpoints communicating with?
Admin By Request uses port 443 and the IP addresses and URLs that need access through firewalls are as follows.
If your data is located in Europe:
-
IP: 104.45.17.196
-
DNS: api1.adminbyrequest.com
-
DNS: macapi1.adminbyrequest.com
-
DNS: linuxapi1.adminbyrequest.com
If your data is located in the USA:
-
IP: 137.117.73.20
-
DNS: api2.adminbyrequest.com
-
DNS: macapi2.adminbyrequest.com
-
DNS: linuxapi2.adminbyrequest.com
If you wish to remotely access endpoints using Unattended Access and Remote Support:
-
MQTT broker connectivity - port 8883 for the following:
-
FastTrackHubEU1.azure-devices.net
-
FastTrackHubUS1.azure-devices.net
-
-
For Unattended Access, RDP needs to be enabled on port 3389 on the device
How do I let users keep full access, but log what they do?
Allowing your users to retain full access rights is equivalent to turning off all Admin By Request's protections.
Turning off everything effectively means giving users back their local admin rights. Think about this carefully before doing it.
To turn off everything except logging actions to the Auditlog, you need to:
-
Authorization: turn On Allow Run As Admin and turn Off all other toggles
-
Authorization: turn On Allow Admin Sessions and turn Off all other toggles.
-
Authorization: make the Access time (minutes) a large number that covers most of the day. For example, 480 minutes (8 hours).
-
Lockdown: turn Off Revoke admin rights.
For more information, refer to Authorization tab under Windows Settings.
You can also check out the WHIZ usage persona for a 10-minute video on how to accommodate developers or power users.
This is fully explained in How We Handle Your Data. Please also refer to our SLA in the Trust Center.
For more information on how Admin By Request meets its compliance obligations and helps your organization do the same, refer to Compliance Mapping.
This is fully explained in How We Handle Your Data. Please also refer to our SLA in the Trust Center.
For more information on how Admin By Request meets its compliance obligations and helps your organization do the same, refer to Compliance Mapping.
Admin By Request can help you comply with a number of regulatory frameworks, including GDPR, ISO 27001, NIST SP 800-53, DORA and NIS2. We continually assess frameworks for compatibility and use their requirements as one of the inputs to our development process.
Refer to Compliance Mapping for more information.
Yes. For more information on how Admin By Request meets its compliance obligations and helps your organization do the same, refer to Compliance Mapping.
The following IP addresses are used to send webhooks:
-
If your data is located in Europe: 104.40.134.41 and 40.91.214.18
-
If your data is located in the USA: 13.90.244.80 and 40.121.45.3
All emails are sent from noreply@fasttracksoftware.com. We use Twilio SendGrid to send emails and the dedicated IP address is: 149.72.185.15.
Yes.
Once a stolen machine is booted and communicates with the Inventory, the public IP address of the thief’s router becomes available. The endpoint client does not require anyone to log on to a computer to upload data, so when the thief simply turns on the computer, inventory data is sent transparently. You can now see the public IP address and upload time in your client view and give this to the police. The police can then get the name and address of the IP address owner from the thief’s internet service provider (ISP).
Have you published any CVEs for Admin By Request?
Yes, we have published two CVEs in 2019. These were found by Improsec in September 2019 in the production version 6.1. We notified our customers and released version 6.2 on October 11th 2019 with fixes for these two vulnerabilities.
For more information, refer to CVE-2019-17201 and CVE-2019-17202.
We generally have two separate companies run penetration tests before every major release. We also get copies on a monthly basis of clean reports executed secretly by customers.
Please use our contact details page Get in Touch > Something Else to report your findings.
The scope of a vulnerability has to be escalation of privileges from a non-administrator user to obtain admin rights.
All collected data associated with the computer is deleted.
When a computer is deleted from the Inventory, make sure that its endpoint client software is removed .If the computer is subsequently powered on with a network connection, and the endpoint client is still installed, the computer will show up again and re-upload inventory data.