Enhanced Project Security with IMAGINiT Clarity 2021.1

December 23, 2020 Matt Mason

Hackers attack every 39 seconds in the United States, and since COVID-19, cybercrimes have risen by 300%. Costs associated with cybercrimes worldwide will hit $6 trillion by 2021*.

Because of these increased cyber threats, the latest release of IMAGINiT Clarity emphasizes the security and protection of Revit and BIM 360 project data. 

The IMAGINiT software development team took a unique approach to identify potential risk areas inside IMAGINiT Clarity. The team acted as black-hat hackers attempting to gain unauthorized access, compromise security systems, and alter IMAGINiT Clarity functions in an attempt to inflict damage. This overall security review illustrated where the development team needed to tighten protections behind the scenes and found areas of opportunity to offer additional security options to IMAGINiT Clarity users. 

Secure Projects Visibility – Initially added to 2021 to allow additional SQL users, 2021.1 includes view restrictions for Global Project Coordinators unless access is explicitly authorized.

File Browse Restrictions & Helpers – Allowing users to browse as the Clarity service account can pose additional risk. Admins continue to have open access with new options control browsing permissions for non-admin users. Shortcuts can replace the UNC path, remove unnecessary options, even limit browsing to the project folder.

Post Task Action Security – Post task actions, executed primarily on the webserver, now have options to disable the visibility and access to users. 

Security Rules – Provides administrator-applied rules by project, office, secure-project setting, task server requiring specified trusted paths or user security context.  Control where thoroughly vetted scripts reside and choose to only run from those locations. Prevents unauthorized script running by requiring "alternate user" with username and password. Similar to the windows "run as admin" feature. Offers a lower privilege Clarity Service account to use regularly or occasionally as a high privilege user. Additionally, suppose you don't have security rules set up. In that case, you have the option to assign on-demand options to control access at the task level.

Disaster Recovery – Perform weekly SQL backups of the centralized RandRevit database. This is Ideal for clients running a SQL Server Express on the same machine as the host.

 

About the Author

Matt Mason

Director of Software Solutions.<br><br> Matt manages the Software Products Group - responsible for the definition and development of a variety of web and desktop software products for the AEC and manufacturing industries. He is responsible for the IMAGINiT products including Clarity, Pulse, and the IMAGINiT Utilities.

Follow on Linkedin More Content by Matt Mason
Previous Article
Twinmotion Brings the Holidays to Life
Twinmotion Brings the Holidays to Life

Learn about special techniques and enter to win Twinmotion's Challenge #5

Next Article
New Features and Enhancements in IMAGINiT Clarity 2021.1
New Features and Enhancements in IMAGINiT Clarity 2021.1

Learn about the features and functionality in the latest release of IMAGINiT Clarity