Migrator Pro for Active Directory restricts access to features, functions and data based on role membership described below.
Global Administrator
Allows creation of new profiles
Allows modification of configuration in the application/database for all profiles
Allows creation or modification of Cutover activities and custom actions for all profiles
Can submit migration events, including ReACL and Cutover actions for workstations, as well as user Cutover actions (enable/disable) for all profiles
All configuration pages can be accessed
Profile Administrator
Cannot create of new profiles
Can submit migration events, including ReACL and Cutover actions for workstations, as well as user cutover actions (enable/disable)
All configuration pages can be accessed
Allow modification of configuration in the application/database
Allow creation or modification of Cutover activities and custom actions
Migration Operator
Can submit migration events, including ReACL and Cutover actions for workstations, as well as user cutover actions (enable/disable)
Configuration pages cannot be accessed
Cannot modify configuration in the application/database
Cannot create or modify Cutover activities and custom actions
Read Only User
Can view directory synchronization results and logs
Can view Active Directory Cutover status
Configuration pages cannot be accessed
Cannot modify configuration in the application/database
Cannot create or modify Cutover activities and custom actions
Migrator Pro for Active Directory cryptographic usage is based on FIPS 140-2 compliant cryptographic functions. Migrator Pro for Active Directory makes use of FIPS 140-2 compliant encryption keys stored locally.
More information:
Microsoft and FIPS: https://docs.microsoft.com/en-us/compliance/regulatory/offering-FIPS-140-2?view=o365-worldwide
The Migrator Pro for Active Directory Development team follows a managed Software Development Lifecycle (SDLC).
The Migrator Pro for Active Directory team follows a strict Quality Assurance cycle.
Access to source control and build systems is protected by domain security. Only employees on Quest’s corporate network have access to these systems. If a developer leaves the company, they will no longer be able to access Quest systems.
All code is versioned in source control.
All product code is reviewed by another developer before check in.
The Migrator Pro for Active Directory team follows a managed Security Development Lifecycle (SDL) which includes:
MS-SDL best practices
Threat modeling
OWASP guidelines
Static code analysis scanning is performed on regular basis
Software composition analysis scanning is performed on regular basis
Migrator Pro for Active Directory has been validated in a Secure Technical Implementation Guidelines (STIG) environment. See https://public.cyber.mil/stigs/ for more information.
As an additional layer of security against possible development environment threats, and as part of its sandbox testing environment the development team monitors traffic of Migrator Pro for Active Directory on a continuous basis. This monitoring includes an evaluation of the outgoing traffic for any malicious communications.
Migrator Pro for Active Directory developers go through the same set of hiring processes and background checks as other Quest employees.
Migrator Pro for Active Directory security features are only one part of a secure environment. Customers should follow their own security best practices when deploying Migrator Pro for Active Directory.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center
