Smartstaff, administrator
4,478
edits
Changes
Created page with "__TOC__ These settings are used to control system security. link= ==System Summary== The System Summar..."
__TOC__
These settings are used to control system security.
[[Image:Global Settings - LoginandSecuritySettingsSection.png|link=]]
==[[System Summary]]==
The [[System Summary]] is a summary of system settings, broken out into a series of tabs, that supports easy to use copy and paste functionality to help when creating system documentation for an instance of SmartSimple.
;Business Security Settings
==[[Password Policy|Password and Activation Policies]]==
The [[Password Policy]] is used to control the length and complexity of passwords, password expiration and history, the number of retries that the user is allowed, and the lockout time for the account if they exceed the number of retries. [[Password Policy|Click here]] for detailed information.
==[[Configuring Privacy, Confidentiality and Other Policies|Privacy and Security Policies]]==
The [[Configuring Privacy, Confidentiality and Other Policies|Privacy and Security Policies]] allows organizations to better highlight their privacy and other stated policies, provides tools to manage country and language combinations, and places persistent links to policies on login pages and user portals.
==[[Email & Email Broadcast Security|Email Security Settings]]==
The [[Email & Email Broadcast Security]] settings are used to control which recipients users are allowed to send email and email broadcasts to based on their role. [[Email & Email Broadcast Security|Click here]] for detailed information.
==Data Categories==
Configure Data Category settings
==Data Policies==
Configure Data Policy settings
==Company / User Security Matrix ==
Allows system administrators to restrict interaction with the application and the associated entities. In order to do this you will need to '''Enable Company and User Security Matrix''' feature.
==[[System Security Permissions|System Feature Permissions]]==
Allows for system administrators to personalize their copy of SmartSimple and to make various system objects available to users in different roles.
==[[Visibility Permissions|System Visibility Permissions]]==
Allows for system administrators to personalize their copy of SmartSimple and to make various system objects available to users in different roles.
==[[Lock System Configurations|System Configuration Lock]]==
The Instance Lock-Down provides the ability to remove access to all settings in your copy of SmartSimple using a global system-lock password. [[Lock System Configurations|Click here]] for details on how to use this feature.
==Enable Company and User Security Matrix==
Switch the Company and User Security Matrix off or on
==Enable Company Record Lock==
Prevent concurrent edit access to Int Companies & Ext Accounts
==Enable User Record Lock==
Prevent concurrent edit access to Int Users & Ext Contacts
==Anonymize Record Lock Owner==
Select roles for those user who will not see the details of who has the record locked
==[[Session Timeout]]==
The [[Session Timeout]] controls how long a user can be inactive in their browser before they are automatically logged out by the system. See [[Session Timeout]] for more information.
;System Security Settings
==[[Enhanced Security Mode|Enable Enhanced Security Mode]]==
Preset and disable configurations on system security related options. This will also disable legacy applications.
==[[Enable URL Parameter Encryption]]==
This setting will encrypt object IDs such as custom field IDs, userid, companyid, activity. This enhances security by making it impossible to guess URLs.
==[[Enable Logout]]==
The system can be configured to [[Enable Logout|automatically logout]] the user and store the session end time in the user log whenever the '''Logout''' button is clicked, the user navigates to a different website or when the browser is closed.<br>
A confirmation message can also be enabled to confirm that the user will be logged out.
==Disable External Login Shortcut==
This setting will disable the use of the [[Bypassing_the_Login_Page|external login shortcut]] (exlogin) from the URL.
==Disable Session Timeout Alert==
If [[Session Timeout]] is set, this setting will disable the 30-second alert and login prompt pop-ups.
==Disable Secure Session Management ==
This setting will disable the validation for matching session IP and browser agent.
==Disable Cross-Site Framing Restriction==
Disable cross-site framing restriction, and allow SmartSimple pages to be directly embedded within external sites outside the current server domain.
==Disable HTTP Cache Control==
Disable HTTP cache control no-cache restriction.==
==Disable Concurrent Login Check==
Allows same user to be logged in from multiple sessions. Primarily used for load testing purposes, and strongly recommended that this is not set when going live.
==[[Suppress E-mail Alert|Suppress Local Administrator Alert]]==
The e-mail notification sent to all current administrators when a new Local Administrator is created can be suppressed.
[[Category:Global Settings]][[Category:Security]][[Category:System Auditing]]
These settings are used to control system security.
[[Image:Global Settings - LoginandSecuritySettingsSection.png|link=]]
==[[System Summary]]==
The [[System Summary]] is a summary of system settings, broken out into a series of tabs, that supports easy to use copy and paste functionality to help when creating system documentation for an instance of SmartSimple.
;Business Security Settings
==[[Password Policy|Password and Activation Policies]]==
The [[Password Policy]] is used to control the length and complexity of passwords, password expiration and history, the number of retries that the user is allowed, and the lockout time for the account if they exceed the number of retries. [[Password Policy|Click here]] for detailed information.
==[[Configuring Privacy, Confidentiality and Other Policies|Privacy and Security Policies]]==
The [[Configuring Privacy, Confidentiality and Other Policies|Privacy and Security Policies]] allows organizations to better highlight their privacy and other stated policies, provides tools to manage country and language combinations, and places persistent links to policies on login pages and user portals.
==[[Email & Email Broadcast Security|Email Security Settings]]==
The [[Email & Email Broadcast Security]] settings are used to control which recipients users are allowed to send email and email broadcasts to based on their role. [[Email & Email Broadcast Security|Click here]] for detailed information.
==Data Categories==
Configure Data Category settings
==Data Policies==
Configure Data Policy settings
==Company / User Security Matrix ==
Allows system administrators to restrict interaction with the application and the associated entities. In order to do this you will need to '''Enable Company and User Security Matrix''' feature.
==[[System Security Permissions|System Feature Permissions]]==
Allows for system administrators to personalize their copy of SmartSimple and to make various system objects available to users in different roles.
==[[Visibility Permissions|System Visibility Permissions]]==
Allows for system administrators to personalize their copy of SmartSimple and to make various system objects available to users in different roles.
==[[Lock System Configurations|System Configuration Lock]]==
The Instance Lock-Down provides the ability to remove access to all settings in your copy of SmartSimple using a global system-lock password. [[Lock System Configurations|Click here]] for details on how to use this feature.
==Enable Company and User Security Matrix==
Switch the Company and User Security Matrix off or on
==Enable Company Record Lock==
Prevent concurrent edit access to Int Companies & Ext Accounts
==Enable User Record Lock==
Prevent concurrent edit access to Int Users & Ext Contacts
==Anonymize Record Lock Owner==
Select roles for those user who will not see the details of who has the record locked
==[[Session Timeout]]==
The [[Session Timeout]] controls how long a user can be inactive in their browser before they are automatically logged out by the system. See [[Session Timeout]] for more information.
;System Security Settings
==[[Enhanced Security Mode|Enable Enhanced Security Mode]]==
Preset and disable configurations on system security related options. This will also disable legacy applications.
==[[Enable URL Parameter Encryption]]==
This setting will encrypt object IDs such as custom field IDs, userid, companyid, activity. This enhances security by making it impossible to guess URLs.
==[[Enable Logout]]==
The system can be configured to [[Enable Logout|automatically logout]] the user and store the session end time in the user log whenever the '''Logout''' button is clicked, the user navigates to a different website or when the browser is closed.<br>
A confirmation message can also be enabled to confirm that the user will be logged out.
==Disable External Login Shortcut==
This setting will disable the use of the [[Bypassing_the_Login_Page|external login shortcut]] (exlogin) from the URL.
==Disable Session Timeout Alert==
If [[Session Timeout]] is set, this setting will disable the 30-second alert and login prompt pop-ups.
==Disable Secure Session Management ==
This setting will disable the validation for matching session IP and browser agent.
==Disable Cross-Site Framing Restriction==
Disable cross-site framing restriction, and allow SmartSimple pages to be directly embedded within external sites outside the current server domain.
==Disable HTTP Cache Control==
Disable HTTP cache control no-cache restriction.==
==Disable Concurrent Login Check==
Allows same user to be logged in from multiple sessions. Primarily used for load testing purposes, and strongly recommended that this is not set when going live.
==[[Suppress E-mail Alert|Suppress Local Administrator Alert]]==
The e-mail notification sent to all current administrators when a new Local Administrator is created can be suppressed.
[[Category:Global Settings]][[Category:Security]][[Category:System Auditing]]
