GoldMine & GDPR Readiness: What You Need to Know
On May 25th, the European Union’s General Data Protection Regulation (GDPR) framework went into effect, impacting technology solutions providers across the globe. Under the new regulations, organizations will be restricted in how they can collect and store data on customers living in the EU. With so many businesses using cloud software, this means that you must audit not only your own data collection efforts, but also those of your providers.
Clients who use GoldMine will see a few major changes to the platform after the most recent upgrade, each designed to address the privacy requirements of GDPR. One of the biggest upgrades you’ll see throughout GoldMine is that privacy is now the default mode. You can tweak the setting in each area to be less strict as necessary, but the software now starts from the premise that the end user wants the setting to be private. In addition to this, GoldMine has been tweaked in a few specific areas to ensure maximum compliance with GDPR.
Database Connection Security
To get started using GoldMine after the change, you’ll need to create a read-only user for your SQL database. First you’ll need to check that you’ve read and acknowledged the license agreement; you won’t be able to leave the first screen until you’ve done that. Once you’ve accepted the agreement, go to Tools > Databases > Alias Manager and check the box that reads “Enable SQL Queries.” Here, you can also change the password for the user. Make sure it meets your minimum password requirements, since the software doesn’t automatically check for that.
Next up, you’ll see a screen that asks you to validate your database certificate. You’re simply answering whether or not there is a validated certificate on the database. If a certificate is not present on your database server, or you do not know if there is one, your answer is “no.” The answer is only “yes” if you’re sure the database has a certificate and you are sure that certificate is trusted.
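One way to answer that question with evidence rather than a guess, shown as an added example (not GoldMine's own tooling): open a connection that requires encryption and leaves certificate validation switched on, so it succeeds only when the server presents a certificate this machine trusts. The server name is a placeholder, and Windows PowerShell 5.1 with Windows authentication is assumed.

```powershell
# Added example (not GoldMine code): does the SQL Server present a certificate
# that THIS machine trusts? Assumes Windows PowerShell 5.1 and Windows authentication.
function Test-SqlServerCertificate {
    param(
        [Parameter(Mandatory)] [string] $ServerInstance,  # placeholder, e.g. 'SQLHOST\INSTANCE'
        [string] $Database = 'master'
    )

    $builder = New-Object System.Data.SqlClient.SqlConnectionStringBuilder
    $builder['Data Source']            = $ServerInstance
    $builder['Initial Catalog']        = $Database
    $builder['Integrated Security']    = $true
    $builder['Encrypt']                = $true    # require an encrypted session
    $builder['TrustServerCertificate'] = $false   # do not skip certificate validation
    $builder['Connect Timeout']        = 10

    $conn = New-Object System.Data.SqlClient.SqlConnection($builder.ConnectionString)
    try {
        $conn.Open()
        $answer = 'yes'
        $detail = 'Connected with certificate validation enforced.'
    }
    catch {
        # Any failure maps to "no", matching the rule above: answer "yes" only when sure.
        $answer = 'no'
        $detail = $_.Exception.GetBaseException().Message
    }
    finally {
        $conn.Dispose()
    }

    [pscustomobject]@{ Server = $ServerInstance; Answer = $answer; Detail = $detail }
}

Test-SqlServerCertificate -ServerInstance 'SQLHOST\INSTANCE'   # placeholder server name
```

Run it from the machine where GoldMine runs and use the same server name GoldMine connects with, because trust and host-name matching are evaluated on the client. A server with no installed certificate falls back to a self-signed one, which fails this check and so correctly yields “no.”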
Password Complexity Enhancements
GoldMine has strengthened its already strict password complexity requirements to require the following:
- At least 1 uppercase letter
- At least 1 lowercase letter
- At least 1 number
- At least 1 special character
- A length of at least 8 characters, unless changed by admin
If a user tries to set a password that doesn’t meet this minimum, that user will receive an error.
If a GoldMine user has a password that doesn’t meet these new requirements, that person will be allowed to log in twice without changing it. On the third login attempt, however, the password must be changed. If a minimum length value was set before the upgrade, that will be honored. But if the admin decides to change it at any point moving forward, the new minimum length will need to be eight characters or higher or the admin will get an error. The same rule applies to password history, in which the user is only allowed to use a password a particular number of times.
It’s very important to note that after the upgrade to 2018.2 and higher, all passwords are now case sensitive. Because of this, every existing GoldMine user will be prompted to change his or her password. This password must be entered as uppercase. New installations will allow the installer to enter the password, so this won’t apply.
For new installations of GoldMine, there is no longer a default user called “MASTER.” This means that after you’ve installed GoldMine, you will be prompted to create a new admin user, which will have all of the administrative privileges previously held by MASTER.
However, if you have existing installations, there will still likely be a user named “MASTER.” For those installations, the default password is either uppercase “ACCESS” or lowercase “access.” You will use uppercase “ACCESS” as the password in these instances, then change your password once you’ve logged in. All users, including the administrator, can be locked out after three bad password attempts. To unblock an account, an administrator will merely click the unblock account button and change the password on that account.
GoldMine Connect Updates
GoldMine Connect 2018.2 now requires an HTTPS web server binding by default. Before you install GoldMine Connect, you’ll need to have a transport layer security/secure sockets layer (TLS/SSL) server certificate in place. For existing installations, it will install a URL rewrite module, so the computer will need to be connected to the internet. If you get an error during installation, it could be because of issues with your TLS/SSL certificate. You can get a free certificate from Comodo, Let’s Encrypt, EndTrust, and other sources.
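A pre-installation check for the certificate requirement above, as an added example (not part of the GoldMine installer): it lists the certificates in the local machine's Personal store and flags the common reasons one cannot back an HTTPS binding. The store location and the 30-day threshold are assumptions.

```powershell
# Added example (not GoldMine code): review certificates in the local machine store
# before setting up the HTTPS binding. Run in an elevated Windows PowerShell session.
function Get-HttpsCertificateCandidate {
    param([int] $MinDaysValid = 30)   # assumed threshold; adjust to your renewal policy

    $serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
    $now = Get-Date

    Get-ChildItem -Path Cert:\LocalMachine\My | ForEach-Object {
        $cert     = $_
        $problems = @()
        $ekuOids  = @($cert.EnhancedKeyUsageList | Where-Object { $_ } |
                      ForEach-Object { $_.ObjectId })

        if (-not $cert.HasPrivateKey) { $problems += 'no private key' }
        if ($cert.NotBefore -gt $now) { $problems += 'not yet valid' }
        if ($cert.NotAfter -lt $now.AddDays($MinDaysValid)) {
            $problems += "expires $($cert.NotAfter.ToString('yyyy-MM-dd'))"
        }
        # A certificate with no EKU extension is valid for all purposes.
        if ($ekuOids.Count -gt 0 -and $ekuOids -notcontains $serverAuthOid) {
            $problems += 'not issued for server authentication'
        }
        if (-not $cert.Verify()) { $problems += 'chain does not validate on this machine' }

        [pscustomobject]@{
            Subject    = $cert.Subject
            DnsNames   = ($cert.DnsNameList.Unicode -join ', ')
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
            Usable     = ($problems.Count -eq 0)
            Problems   = ($problems -join '; ')
        }
    }
}

Get-HttpsCertificateCandidate | Sort-Object Usable -Descending | Format-List
```

Confirm that the DNS names of the certificate you pick include the host name users will type to reach GoldMine Connect.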
The GoldMine team has added file versioning to the upgrade, which means administrators will now be able to see the version of all .exe and .dll files that were created during installation. Those files are signed, which will help administrators ensure that the application has not experienced tampering.
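To put the signing and versioning to use, the added example below (not GoldMine's own tooling) inventories every .exe and .dll under the install folder with its file version, Authenticode status, signer and SHA-256 hash, then compares the result with a saved baseline. The install path and baseline file name are placeholders.

```powershell
# Added example (not GoldMine code): inventory file versions and Authenticode status,
# then compare against a previously saved baseline. Paths below are placeholders.
function Get-BinarySignatureReport {
    param([Parameter(Mandatory)] [string] $InstallPath)

    Get-ChildItem -Path $InstallPath -Recurse -File -Include *.exe, *.dll |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                File        = $_.FullName
                FileVersion = $_.VersionInfo.FileVersion
                Status      = [string]$sig.Status      # Valid, NotSigned, HashMismatch, ...
                Signer      = $sig.SignerCertificate.Subject
                SHA256      = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
            }
        }
}

function Compare-BinaryBaseline {
    param(
        [Parameter(Mandatory)] [object[]] $Current,
        [Parameter(Mandatory)] [string]   $BaselineCsv
    )
    $baseline = Import-Csv -Path $BaselineCsv
    # '=>' rows exist only in the current scan (new or modified files);
    # '<=' rows exist only in the baseline (removed or modified files).
    Compare-Object -ReferenceObject $baseline -DifferenceObject $Current `
                   -Property File, SHA256 |
        Sort-Object File
}

$installPath = 'C:\Path\To\GoldMine'              # placeholder install folder
$baselineCsv = '.\goldmine-binaries-baseline.csv' # placeholder baseline file

$report = Get-BinarySignatureReport -InstallPath $installPath

# Files whose signature is missing or broken deserve a closer look.
$report | Where-Object Status -ne 'Valid' | Format-Table File, Status, Signer -AutoSize

if (Test-Path $baselineCsv) {
    Compare-BinaryBaseline -Current $report -BaselineCsv $baselineCsv
} else {
    $report | Export-Csv -Path $baselineCsv -NoTypeInformation   # first run: save baseline
}
```

Take the baseline straight after a clean install or upgrade and store it somewhere the GoldMine server cannot write to. Bundled third-party libraries may carry a different signer than the main application, so review the Signer column rather than expecting a single publisher.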
Additionally, GoldMine has updated the Chilkat and OpenSSL libraries for enhanced security. The SQL native client is now also supported as the database connector, again for enhanced security. Lastly, GoldMine has enhanced Outlook Link by updating Redemption.dll to the latest released version, fixed multiple issues with email linking, and added support for TLS 1.2.
The GDPR has many solutions providers reviewing their privacy settings to ensure compliance. GoldMine will continue to monitor changes in privacy laws across the globe to protect clients, as well as their customers, against security risks. To learn more about GoldMine and the new GDPR features, schedule a demo.