Enterprise security options

At Instahyre we understand that data security is of paramount importance. Enterprise customers, in particular, need to protect sensitive information, prevent unauthorized access, adhere to compliance regulations, and strengthen authentication processes. In response to these demands, we have developed robust security options to safeguard your data and ensure your peace of mind. This article provides an overview of our security features.

List of security options:



Single Sign-On (SSO) - Simplified access to multiple services with one set of credentials.
Two-factor Authentication (2FA) - Enhance security with two-step verification.
IP Whitelisting - Control access by specifying allowed IP addresses.
Automatic account disablement - Disable inactive accounts for added security.
Automatic account lockout - Lock accounts after multiple failed login attempts.
Automatic session expiration - Set session duration for added security.
Password policies - Define password strength and expiry.

Let's look at these security options and their benefits in detail.

Single Sign-On (SSO)



Single Sign-On (SSO) is a user authentication process allowing users to access multiple applications or services with a single login credential. Instead of remembering and entering separate usernames and passwords for each application, SSO enables users to log in once and gain access to all connected services seamlessly.



Note: SSO is an existing product available to our customers on the database plan. To learn more about SSO and how it works, visit the help center article on SSO.

Two-factor Authentication (2FA)



Two-factor authentication (2FA) is a security process that requires users to provide two different forms of identification before accessing their Instahyre account. This adds an extra layer of security beyond the existing username and password.

How it works:


When 2FA is enabled, users receive a one-time password (OTP) on their email and mobile number.
After successful OTP authentication, they gain access to their account.



IP Whitelisting



IP Whitelisting allows administrators to specify trusted IP addresses or IP ranges permitted access to the platform. When IP Whitelisting is enabled, any connection attempts from IP addresses not included in the whitelist are denied.

How it works:


Only one IP address or IP range should be allowed per line.
If an IP address or IP range is entered in the wrong format, an error message is displayed and the incorrectly entered IP address is shown in red.
If the admin clicks on save changes without entering any IP address, an alert will be shown below the IP address input box.
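The validation rules above can be reproduced when preparing or auditing a whitelist before pasting it in. This is an added example, not Instahyre's code; it assumes ranges are written in CIDR notation (the article does not state the range format), and the function names and sample entries are constructed for illustration.

```python
import ipaddress

# Constructed sample input: one entry per line, two of them malformed.
SAMPLE = "203.0.113.7\n198.51.100.0/24\n10.0.0.5/24\n203.0.113.9, 203.0.113.10\n"

def parse_allowlist(text):
    """Return (networks, errors); errors holds (line_number, entry) pairs."""
    networks, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        entry = raw.strip()
        if not entry:
            continue  # blank lines carry no entry
        try:
            # strict=True rejects ranges with host bits set (10.0.0.5/24),
            # which usually indicates a typo in the mask or the address.
            networks.append(ipaddress.ip_network(entry, strict=True))
        except ValueError:
            errors.append((lineno, entry))  # also catches two entries on one line
    return networks, errors

def validate_allowlist(text):
    """Mirror the save-time checks: no malformed entries, not empty."""
    networks, errors = parse_allowlist(text)
    if errors:
        raise ValueError(f"invalid entries: {errors}")
    if not networks:
        raise ValueError("no IP address entered")
    return networks

def is_allowed(client_ip, networks):
    """Deny by default: unparsable or unlisted addresses are rejected."""
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False
    # A dual-stack listener may report IPv4 clients as ::ffff:a.b.c.d;
    # unwrap them so they match the IPv4 entries in the list.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    return any(addr in net for net in networks)

if __name__ == "__main__":
    nets, errs = parse_allowlist(SAMPLE)
    print("accepted:", [str(n) for n in nets])
    print("rejected:", errs)
    print("198.51.100.42 allowed:", is_allowed("198.51.100.42", nets))
```
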



Automatic Account Disablement



Automatic Account Disablement is a feature that admins control from the 'Security Control' page.
When enabled, it automatically disables user accounts (except admin accounts) that have been inactive for a specified number of days.

How it works:


When activated, all user accounts, except admin accounts, will be disabled if they remain inactive for a set number of days.
Admins can choose the inactivity period, which must fall within the range of 10 to 180 days. Any value outside this range triggers an error alert.

When an account is disabled due to inactivity, users attempting to log in with correct credentials will see a modal and won't be able to access the platform. Users need to contact their admin to regain access to their account.



Automatic Account Lockout



Automatic Account Lockout is a security feature that admins can activate for their organization. Admins can specify the maximum number of failed login attempts allowed, with a minimum of 3 and a maximum of 7.

How it works:


Admins select the maximum allowed failed login attempts.
If a number outside the range of 3 to 7 is chosen, an error message will appear.

When a user exceeds the maximum allowed failed login attempts within a 60-minute period, their account is locked. A specific error message will be displayed when the user attempts to log in, informing them that their account has been locked due to excessive failed attempts.
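The lockout rule above amounts to a per-account sliding window over failed logins. The sketch below is an added example, not Instahyre's implementation; the class and method names are hypothetical, and it assumes "exceeds" means the lock triggers on the attempt after the configured maximum and that only failures inside the last 60 minutes count.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60 * 60  # the 60-minute period stated in the article

class LockoutPolicy:
    """Sliding-window lockout counter (hypothetical names, in-memory state)."""

    def __init__(self, max_failed_attempts):
        # The article allows a minimum of 3 and a maximum of 7.
        if not 3 <= max_failed_attempts <= 7:
            raise ValueError("max failed attempts must be between 3 and 7")
        self.max_failed = max_failed_attempts
        self._failures = defaultdict(deque)  # account -> failure timestamps
        self._locked = set()

    def is_locked(self, account):
        return account in self._locked

    def record_failure(self, account, now):
        """Record a failed login at `now` (seconds); return True if locked."""
        if account in self._locked:
            return True
        window = self._failures[account]
        window.append(now)
        # Drop failures that are 60 minutes old or older.
        while window and now - window[0] >= WINDOW_SECONDS:
            window.popleft()
        # Lock only when the count exceeds the configured maximum.
        if len(window) > self.max_failed:
            self._locked.add(account)
            del self._failures[account]
        return account in self._locked

def replay(max_failed_attempts, timestamps, account="user@example.com"):
    """Feed constructed failure timestamps through a policy; return lock states."""
    policy = LockoutPolicy(max_failed_attempts)
    return [policy.record_failure(account, t) for t in timestamps]

if __name__ == "__main__":
    # Constructed data: four failures in 30 minutes with a maximum of 3.
    print(replay(3, [0, 600, 1200, 1800]))
    # Three old failures age out before three new ones arrive.
    print(replay(3, [0, 10, 20, 3700, 3710, 3720]))
```

A production version would key the counter only on accounts that exist, so that guessed usernames cannot grow the table without bound.
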



Automatic Session Expiration



Automatic Session Expiration is a security feature that can be enabled by admins. When activated, all active user sessions are automatically ended after a specific duration.

How it works:


Admins set the session duration, which must be within the range of 15 minutes to 90 days.
If the admin enters a value below or above this range, an error alert is displayed.
Admins can choose the session duration type, either in minutes or days, using a dropdown menu.
Alongside the dropdown, there is a field where the admin enters the duration value.

When a user is logged out due to session expiration, they will see a notification explaining the session has ended. Users will then need to log in again to continue using the platform.



Password Policies



Password Policies is a security feature that empowers admins to set password strength requirements for users in their organization. Password strength is categorized into three levels: Weak, Medium, and Strong, each with distinct requirements.

Strength Levels:

Weak: Minimal requirements.
Medium: Moderate security measures.
Strong: Highest level of security.

How it works:


Admins can enable automatic password expiry.
They can set the number of days after which user passwords will automatically expire from their last update.
The range for password expiry is 30 to 180 days.
Entering a value outside this range triggers an error alert.
Users will see different pages based on the password policies set by the admin.
Password requirements are dynamically displayed as users type, with met requirements indicated by a green tick mark instead of a red cross mark.



These features are only available for Enterprise plan customers. For more details, contact our customer support team to upgrade your plan.

Updated on: 30/11/2023
