IT Security Controls Audit Dashboard

This article describes how to download a specific dashboard pack. You can download dashboard packs from dashboards.squaredup.com and learn more about how dashboard packs work here: Dashboard Packs

Description

This dashboard gives a quick way to identify non-compliant controls for accounts with high privileges.

For each scoped applications you will see:

• Server controls (local Administrators)
• Application Controls (application level system admins)
• DB controls (Database level controls)

How do I import and configure this dashboard?

1. Ensure you're using SquaredUp DS v5.4 or above.

   Already a SquaredUp customer?

   Get the latest version of SquaredUp DS Standalone

   New to SquaredUp?

   Try it for free

2. Create a PowerShell profile in SquaredUp DS with the following settings:

   Name	IT Audit Note: The name is case-sensitive and must be entered exactly as given here for the tiles to recognize the profile automatically. If you name it differently, you will need to select the profile manually for each tile on the dashboard.
   Description (optional)	IT Audit profile
   Script	Copy and paste the contents of the PowerShell script below. Note: You need to change the values for the parameters to make them work in your environment.

   PowerShell profile script

   Copy

   #Get AD Groups members 
   $TeamADmin = Get-AdGroupMember -identity "Team1" | Select SamAccountName
   $TeamDEV = Get-AdGroupMember -identity "Team2" | Select SamAccountName
   $TeamERP = Get-AdGroupMember -identity "TeamERP" | Select SamAccountName
   
   #This is whre you can define the users or AD groups which are authorized to have high privileges rights
   $AuthorizedServerAdmins = @(
       "Domain\Account1"
       "Domain\Account2"
       "Domain\GroupName"
       "Domain\Domain Admins"
       "localAccount1"
       "localAccount2"
   )
    
   $AuthorizedDBAdmins = @(
       "Domain\DBAGroup"
       "Domain\Account2"
       "Domain\GroupName"
       "localSQLAccount1"
   )
   
   $AuthorizedAppsAdmins = @(
       "Domain\AppAdmins"
       "Domain\Account2"
       "ServiceAccount"
   )
   
   #Option1 - Define list of controls servers
   
   $ScopeServers = @(
       "ComputerAppName1"
       "ComputerAppName2"
       "ComputerSQLName1"
   )
   
   #Option2 - Create a SCOM Group to be scope! - if you are using SquaredUp for SCOM

   How to create a PowerShell profile

   1. From the top right hand menu ☰ click system.
   2. Go to the PowerShell tab.
   3. Click add new profile.
   4. Enter a name and a description for the new profile.
   5. Enter the profile script.
   6. Click add profile.
      The profile is now saved and can be used in a PowerShell tile.

   For more help creating a PowerShell profile see How to use the PowerShell tile

3. Download and import this dashboard pack.

   How to import a dashboard pack

   1. Download the dashboard pack zip file for the dashboard pack you wish to import.

      There may be additional steps before or after the import to get the dashboard working in your environment.

      
      
   2. In DS Standalone go to the top right hand menu ☰ > Import Dashboard Packs and drag the zip file into the Manual Import box.
      

      

   3. The dashboard pack is imported and if the pack contains top-level dashboards, these will automatically appear in the navigation bar, usually in a folder called 'Community Dashboards' for dashboard packs from the SquaredUp Community.
   4. Carry out any additional steps required to make the dashboard work in your environment. These steps will be described on the download page for each dashboard. For example, you may need to create the correctly named Web API provider, create a PowerShell profile, or edit tile scopes.
   5. Edit the imported dashboard as required.

4. Edit the PowerShell tiles.
   For each tile check the PowerShell script and edit the $ServerInstance and $DatabaseName parameters according to your environment. Check the scripts for other parameters that need to be updated, for example DB connection strings, SQL queries to list Admins from an application, or the fields retrieved by your SQL query.
   1. Edit the tiles by clicking the Edit button.
   2. Open the script panel.
   3. Edit the script according to your environment.

5. Publish the dashboard.

   How to publish a dashboard

   A newly created dashboard will not be visible to others until it is published.

   Only admins can publish dashboards, unless you have been given author permissions to a Team Folder see Team Folders

   If you made changes to an existing dashboard, the changes will only be visible to others after you published the dashboard again.

   You can identify a dashboard that has not been published yet or has unpublished changes by the unpublished button at the top:

   

   When you click on the unpublished button, you'll have two options:

   • Publish will make the dashboard or changes visible to others.
     Note: A newly created dashboard will appear on the menu where you created it. To move the dashboard to a different place on the navigation bar see How to edit the Navigation Bar.
   • Discard will delete your draft dashboard if it has never been published or, if you made changes to an already published dashboard, discard the changes.

   Publishing dashboards to different audiences

   Find out how to publish dashboards to a subset of users using Team Folders or visible to anyone even unlicensed users with Open Access (Sharing Dashboards with anyone - Open Access).