SQL Database Security & Best Practices

1. Security and Workflows

SQL Server Application workflow

BrowseReporter tracked data is temporarily stored on the local machine where the cwClient is installed. It holds the data before it sends the data to the CurrentWare Server.

Once the server receives the data and stores it on the server’s SQL database, it will delete the local data from the local client database.

CurrentWare Client to CurrentWare Server Communications

The Client talks to the Server using socket technology on several CurrentWare ports ranging from 8990 to 8998. You can see each one here: https://www.currentware.com/support/open-ports/

CurrentWare Server to SQL Database Communication

The CurrentWare Server will process updates of information to the SQL database by using the default local SQL ports 1433 and 1434.

Who has access to my data?

The CurrentWare server & client are installed locally on the customers PCs & network. Server data is only accessible by your organisations privileged users with access to Server PC/location and Console which is password protected. You can also have your accounts secured with 2-Factor Authentication.

Client data is hidden on local pcs and encrypted. Once it is transmitted to the server, it is removed from the client side.

When can CurrentWare access my data?

CurrentWare can only access data if a request is explicitly made by an appropriate security contact by the Customer for support.

Our team first attempts to provide support without receiving data or information from the Customer. However, if detailed logs or servers are needed, our Tier 2 Support will request this information from the Customer.

We respect the privacy of the information transmitted to us based on our Terms of Use & Privacy Policies. We will only access the necessary data for support & troubleshooting purposes.

Who has access to my data?

Note: This only applies to BrowseReporter, AccessPatrol & enPowerManager reporting features

CurrentWare can track data from your end user’s Internet, bandwidth, application, PC usage and endpoint activities with BrowseReporter, AccessPatrol and/or enPowerManager.

By default, it keeps the data within the customer’s database indefinitely.

Since the CurrentWare database is stored on your network, you can decide how much data to keep.

The company’s administrator has the ability to permanently delete older data or set up a schedule to store data for a set period of time.

2. Best Practices for BrowseReporter Configuration:

–        Do you need to track the browsing bandwidth usage? If not needed, turning it off will reduce your storage needs.
This is done by going to Settings > BrowseReporter and unchecking “Enable Bandwidth Tracking”

–        You can set up an Auto Delete Schedule to automatically remove data after a specific time period. The knowledge base to set up that feature up is here: https://www.currentware.com/support/can-currentware-delete-older-data-automatically/ 

–        Set the CurrentWare Server to auto restart on specified time period (24hrs+). This will ensure your client connections are always stable and ensure the data is being uploaded efficiently.
This is done by going to Settings > Server Settings and enabling “Restart CurrentWare server every # of hours”

–        On your initial installation: remove other CurrentWare solutions from the Console. From the desktop console go to Help > Licensing > select the unused solutions and choose “Remove”. Repeat for each solution not needed.