Manage the security compliance of your organization’s system to ensure data integrity and avoid security breaches. You can do so through the following options:
Configuring User Session Lifetime
The session lifetime describes the maximum time a user can stay signed in their employee app or intranet without any interaction. If users exceed the maximum inactivity time, they are signed out from their employee app or intranet automatically to avoid potential security risks. You can define the maximum inactivity time for your app separately for mobile browsers, mobile app, and desktop app according to your security and compliance needs.
Session lifetime options:
- Default: 6 months
- Maximum: 6 months
- Minimum: 5 minutes
- Free configuration between minimum and maximum
- In the Studio, navigate to Settings > Security.
- Under the section Session Lifetime, define the session lifetime. You can do this separately for mobile browsers, mobile apps, and desktop browsers.
- Click the dropdown menu to choose the duration in between months, weeks, days, hours and minutes.
- Add a number to define the duration.
- Click Save.
You have defined the session lifetime of your internal communications platform.
Limiting Parallel Sessions
Parallel sessions allow users to sign in to their mobile browser, mobile app, or desktop app with the same account on multiple different devices.
While having multiple sessions opened simultaneously can be practical for users, maintaining only a few active sessions can be difficult for security reasons. Limiting the number of parallel sessions reduces security risks, for example, when the user’s sign-in information is exposed. By default, there is no limit to the number of parallel sessions a user can have. You can configure this by setting a maximum number of parallel sessions in the platform settings.
- In the Studio, navigate to Settings > Security.
- Under the Maximum Parallel Sessions, select Session(s) from the dropdown menu.
- Add a number to define the limit of parallel sessions.
- Click Save.
You have set a limit to the number of parallel sessions users can have for your internal communications platform.
Signing Users Out From the Platform
If the user exceeds the defined limit of parallel sessions, the oldest active session is closed.
In the case of a significant security breach or other security needs, you can sign all users out of the platform. This will sign them out of any active sessions on any device. After being signed out, they will need to sign in again, protecting the platform from the potential security issue.
- In the Studio, navigate to Settings > Security.
- Under the Close All Active Sessions, click Close All Sessions.
- Click Save.
You have now closed all active sessions and signed out all users from your internal communications platform.
Comments
0 comments
Please sign in to leave a comment.