Difference between revisions of "Security Settings"
(→Disable Secure Session Management) |
|||
Line 69: | Line 69: | ||
If [[Session Timeout]] is set, this setting will disable the 30-second alert and login prompt pop-ups. | If [[Session Timeout]] is set, this setting will disable the 30-second alert and login prompt pop-ups. | ||
− | ==Disable Secure Session Management == | + | ==Disable Secure Session Management== |
− | This | + | This Global System Security Setting will disable the validation for matching session IP and browser agent which is one part of the security features in the platform that protect against Cross Site Framing attacks. |
+ | |||
+ | |||
+ | Options if users are being randomly logged out: | ||
+ | |||
+ | # Set the network proxy to sticky sessions when communicating with SmartSimple | ||
+ | # Set the network proxy to bypass the proxy and just direct connect from the desktop/laptop computer to SmartSimple | ||
+ | # Disable the Secure Session Management setting and accept the potential risk | ||
==Disable Cross-Site Framing Restriction== | ==Disable Cross-Site Framing Restriction== |
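Review bot: the third option added under "Disable Secure Session Management" tells administrators to "accept the potential risk" without saying what that risk is. The new paragraph above it only says the setting disables "the validation for matching session IP and browser agent", so name what a session is exposed to once that check is off, so the trade-off against the two proxy options can be judged. The second option also repeats itself ("Set the network proxy to bypass the proxy") and would read more clearly as configuring the network so that desktops and laptops connect directly to SmartSimple.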
Revision as of 14:46, 13 June 2019
Contents
- 1 Business Security Settings
- 1.1 Password and Activation Policies
- 1.2 Privacy and Security Policies
- 1.3 Email Security Settings
- 1.4 Data Categories
- 1.5 Data Policies
- 1.6 Company / User Security Matrix
- 1.7 System Feature Permissions
- 1.8 System Visibility Permissions
- 1.9 System Configuration Lock
- 1.10 Enable Company and User Security Matrix
- 1.11 Enable Company Record Lock
- 1.12 Enable User Record Lock
- 1.13 Anonymize Record Lock Owner
- 1.14 Session Timeout
- 2 System Security Settings
- 2.1 Enable Enhanced Security Mode
- 2.2 Enable URL Parameter Encryption
- 2.3 Enable Logout
- 2.4 Disable External Login Shortcut
- 2.5 Disable Session Timeout Alert
- 2.6 Disable Secure Session Management
- 2.7 Disable Cross-Site Framing Restriction
- 2.8 Disable HTTP Cache Control
- 2.9 Disable Concurrent Login Check
- 2.10 Suppress Local Administrator Alert
These settings are used to control system security.
Business Security Settings
Password and Activation Policies
The Password Policy is used to control the length and complexity of passwords, password expiration and history, the number of retries that the user is allowed, and the lockout time for the account if they exceed the number of retries. Click here for detailed information.
Privacy and Security Policies
The Privacy and Security Policies allow organizations to better highlight their privacy and other stated policies, provide tools to manage country and language combinations, and place persistent links to policies on login pages and user portals.
Email Security Settings
The Email & Email Broadcast Security settings are used to control which recipients users are allowed to send email and email broadcasts to, based on their role. Click here for detailed information.
Data Categories
Configure Data Category settings
Data Policies
Configure Data Policy settings
Company / User Security Matrix
Allows system administrators to restrict interaction with the application and associated entities. To do this, the Enable Company and User Security Matrix feature must be switched on.
System Feature Permissions
Allows for system administrators to personalize their copy of SmartSimple and to make various system features available to users in different roles.
System Visibility Permissions
Allows for system administrators to personalize their copy of SmartSimple and to make various system objects available to users in different roles.
System Configuration Lock
The Instance Lock-Down provides the ability to remove access to all settings in your copy of SmartSimple using a global system-lock password. Click here for details on how to use this feature.
Enable Company and User Security Matrix
Switch the Company and User Security Matrix off or on
Enable Company Record Lock
Prevent concurrent edit access to Int Companies & Ext Accounts
Enable User Record Lock
Prevent concurrent edit access to Int Users & Ext Contacts
Anonymize Record Lock Owner
Select roles for those users who will not see the details of who has the record locked
Session Timeout
The Session Timeout controls how long a user can be inactive in their browser before they are automatically logged out by the system. See Session Timeout for more information.
System Security Settings
Enable Enhanced Security Mode
Preset and disable configurations on system security related options. This will also disable legacy applications.
Enable URL Parameter Encryption
This setting will encrypt object IDs such as custom field IDs, userid, companyid, activity. This enhances security by making it impossible to guess URLs.
Enable Logout
The system can be configured to automatically log out the user and store the session end time in the user log whenever the Logout button is clicked, the user navigates to a different website, or the browser is closed.
A confirmation message can also be enabled to confirm that the user will be logged out.
Disable External Login Shortcut
This setting will disable the use of the external login shortcut (exlogin) from the URL.
Disable Session Timeout Alert
If Session Timeout is set, this setting will disable the 30-second alert and login prompt pop-ups.
Disable Secure Session Management
This Global System Security Setting disables the validation that the session IP and browser agent match. This validation is one of the security features in the platform that protect against Cross Site Framing attacks.
Options if users are being randomly logged out:
- Set the network proxy to sticky sessions when communicating with SmartSimple
- Set the network proxy to bypass the proxy and just direct connect from the desktop/laptop computer to SmartSimple
- Disable the Secure Session Management setting and accept the potential risk
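A minimal model of the check this setting disables, showing why a proxy without sticky sessions produces the random logouts described above. This is an added example, not SmartSimple's code: the class and function names, the end-session-on-mismatch behaviour and the sample addresses are assumptions made for illustration.

```python
import secrets


class SessionStore:
    """Hypothetical session store that binds a session to client IP and browser agent."""

    def __init__(self, secure_session_management=True):
        self.enabled = secure_session_management
        self._sessions = {}  # session id -> (ip, user_agent) recorded at login

    def login(self, ip, user_agent):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = (ip, user_agent)
        return sid

    def validate(self, sid, ip, user_agent):
        bound = self._sessions.get(sid)
        if bound is None:
            return False  # unknown or already ended session
        if self.enabled and bound != (ip, user_agent):
            # Assumed behaviour: a mismatch ends the session, which the
            # user experiences as being logged out.
            del self._sessions[sid]
            return False
        return True


def replay(store, egress_ips, user_agent="Mozilla/5.0 (constructed)"):
    """Log in from the first egress IP, then send one request from each
    remaining IP. Returns the validation result of every request."""
    sid = store.login(egress_ips[0], user_agent)
    return [store.validate(sid, ip, user_agent) for ip in egress_ips[1:]]


# Constructed traffic using documentation address ranges.
# STICKY: the proxy keeps one egress address for the whole session.
STICKY = ["198.51.100.10"] * 4
# ROTATING: the proxy pool switches egress address mid-session.
ROTATING = ["198.51.100.10", "198.51.100.10", "198.51.100.11", "198.51.100.10"]
```

With the check enabled, the rotating pool ends the session at the first request from a different address and every later request fails; with sticky sessions, or with the check disabled, all requests pass.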
Disable Cross-Site Framing Restriction
Disable cross-site framing restriction, and allow SmartSimple pages to be directly embedded within external sites outside the current server domain.
Disable HTTP Cache Control
Disable HTTP cache control no-cache restriction.
Disable Concurrent Login Check
Allows the same user to be logged in from multiple sessions. This is primarily used for load testing purposes, and it is strongly recommended that this is not set when going live.
Suppress Local Administrator Alert
The e-mail notification sent to all current administrators when a new Local Administrator is created can be suppressed.