Security Settings

Learn how to configure security settings, manage authentication, and protect your organization's data and users.

Security Overview

Authentication

Configure login methods and password policies

Access Control

Manage user permissions and data access

Monitoring

Track security events and user activity

Authentication Settings

Password Policies

Password Requirements

  • • Minimum length: 8 characters
  • • Must include uppercase letters
  • • Must include lowercase letters
  • • Must include numbers
  • • Must include special characters

Password Expiration

  • • Set password expiration period
  • • Force password change on first login
  • • Prevent password reuse
  • • Account lockout after failed attempts

Strong password policies help protect against unauthorized access and brute force attacks.

Two-Factor Authentication

2FA Methods

  • • Authenticator apps (Google Authenticator, Authy)
  • • SMS verification codes
  • • Email verification codes
  • • Hardware security keys

Configuration

  1. 1. Enable 2FA for your account
  2. 2. Choose your preferred method
  3. 3. Follow setup instructions
  4. 4. Test the authentication

Keep backup codes in a safe place in case you lose access to your 2FA device.

Session Management

Session Settings

Session Timeout

  • • Set automatic logout after inactivity
  • • Configure session duration limits
  • • Force re-authentication for sensitive actions
  • • Remember login for trusted devices

Device Management

  • • View active sessions
  • • Revoke access from specific devices
  • • Monitor login locations
  • • Block suspicious devices

Security Alerts

Login Notifications

  • • Email alerts for new logins
  • • SMS notifications for suspicious activity
  • • Browser push notifications
  • • Failed login attempt alerts

Suspicious Activity

  • • Unusual login locations
  • • Multiple failed attempts
  • • Concurrent sessions
  • • Unusual access patterns

Access Control

IP Restrictions

IP Whitelisting

  • • Allow access only from specific IP addresses
  • • Block access from known malicious IPs
  • • Configure geographic restrictions
  • • Set up VPN requirements

Network Security

  • • Require secure connections (HTTPS)
  • • Block access from public networks
  • • Monitor network access patterns
  • • Configure firewall rules

Data Access Control

Permission Levels

  • • Read-only access for viewers
  • • Limited edit permissions for users
  • • Full access for administrators
  • • Custom permission sets

Data Classification

  • • Public data (accessible to all)
  • • Internal data (organization only)
  • • Confidential data (limited access)
  • • Restricted data (admin only)

Security Monitoring

Audit Logs

Tracked Activities

  • • User login/logout events
  • • Permission changes
  • • Data access and modifications
  • • Configuration changes
  • • Security policy updates

Log Retention

  • • Configure log retention periods
  • • Export logs for analysis
  • • Archive historical data
  • • Compliance reporting

Security Reports

Available Reports

  • • Failed login attempts
  • • Suspicious activity patterns
  • • Permission usage statistics
  • • Security policy compliance
  • • User access patterns

Automated Alerts

  • • Real-time security notifications
  • • Daily security summaries
  • • Weekly compliance reports
  • • Monthly security reviews

Security Best Practices

User Security

  • Enable two-factor authentication for all users
  • Regular password changes and strong policies
  • Monitor and review user access regularly
  • Remove access for inactive users
  • Train users on security awareness

System Security

  • Regular security updates and patches
  • Implement least privilege access
  • Monitor and log all security events
  • Regular security audits and assessments
  • Backup and disaster recovery planning

Emergency Security Procedures

Security Incident Response

Immediate Actions

  1. 1. Assess the threat: Determine the scope and severity
  2. 2. Isolate affected systems: Prevent further damage
  3. 3. Reset compromised accounts: Change passwords immediately
  4. 4. Enable additional monitoring: Track suspicious activity
  5. 5. Document the incident: Record all details and actions

Recovery Steps

  1. 1. Investigate the cause: Identify how the breach occurred
  2. 2. Implement fixes: Address security vulnerabilities
  3. 3. Restore from backups: If data was compromised
  4. 4. Update security policies: Prevent future incidents
  5. 5. Notify stakeholders: Communicate as appropriate

Important

Have a security incident response plan in place before an incident occurs. Designate responsible team members and establish communication procedures.

Related Guides