Set Security Options

Who can set security options?

Tell me about external IDs

How do I restrict access?

New Data Security Model

Tell me about password security

How to configure session timeout

VeriSign Identity Protection (VIP)

 


Who can set security options?

Managers can do this by going to Users > Setup > Security. Advanced security options should be set to prevent unauthorized users from accessing the service. Tip - Be sure to click Save after making changes.

How do I restrict access?

You can restrict access by IP address. Select the option "Allow connections from the following IPs only" and enter the IP addresses that should be allowed to connect to your subscription. An unlimited number of IPs may be entered. Users with valid accounts will only be able to connect to the service from one of the allowed IPs.

Tip - Be sure to add your own IP to the list of allowed IPs or you will not be able to log back in to the service. For your convenience, your IP is displayed on screen.

IP addresses dynamically assigned?

Tell me about password security

Select the password security settings you want to enforce for all users in the subscription.

Password expiration options

User defined passwords

Force password change at initial login

Lock account after failed login attempts

VeriSign Identity Protection (VIP)

Select this option if you want to require all users to log in using VeriSign Identity Protection (VIP) two-factor authentication. If selected, all users will be required to provide a VIP credential ID and a one-time security code in addition to their login name and password each time they log in to the user interface. Learn more

Tell me about external IDs

External IDs can be added to user account settings by the Manager Primary Contact (for the subscription). The Manager Primary Contact has the option to allow other Managers, Unit Managers and User Administrators to edit external IDs for users. Follow these steps: 1) select the External IDs security setting "Allow other users to manage external IDs", and then 2) edit each manager's account to grant this permission.

What if I clear this option after granting permission to users?

New Data Security Model

In order to provide new features, such as Scheduled Reporting, Zero-Day Risk Analyzer and Asset Tagging, we are migrating customers to a new powerful data security model. A green check mark next to a new feature indicates that it is available for use within your subscription. Once you accept the new data security model, you cannot undo this action in the application. Please Contact Support if you would like to disable this option. Learn more

Are you an Express Lite user? If yes, the New Data Security Model is turned on for your subscription.

How to configure session timeout?

Define how long a user's session may be inactive before automatically timing out. You can make a global setting that applies to all users or customize this setting based on the user role. This setting applies to all new user sessions. Only Managers can enable this option. For both global and customized session timeout, choose a range between 10-240 minutes. The default setting of 60 minutes is considered a best practice.

Why might I increase global setting?

Why do I need to set different session timeouts for users?