Manage KaseyaOne security

NAVIGATION Left navigation menu > Admin Settings > Security

SECURITY Master role

In the Admin Settings > Security view, you can do the following:

Manage the password requirements for users logging in to KaseyaOne. It's important to define a password policy that will establish a standard for creating secure passwords and protecting passwords. Refer to Apply a password policy.
Enable the IP Address Access List feature. This allows you to specify from which IPs users can log in to their KaseyaOne account, to block IP addresses, and ultimately protect your business from unauthorized logins. Refer to Set up IP access control.
Allowlist the IP addresses from where you will be able to log in. Refer to Set up IP access control.

How to...

Apply a password policy

It's important to define a password policy that will establish a standard for creating secure passwords and protecting passwords. This allows you to protect your business from cyber criminals trying to gain access to your data. Only Master users can change the password requirements for KaseyaOne.

To apply a password policy, do the following:

Navigate to Admin Settings > Security view.
Click Password Policy to expand the section.
Configure the following fields:

Field	Description
Minimum password length	Defaults to 8. This must be a value between 8 and 64.
Number of consecutive failed login attempts allowed before account disabling	Defaults to 5. Enter any value higher than 5.
Length of time to disable account after max login failures exceeded	The length of time must be between 1 minute and 23 hours and 59 minutes.

Click Update to save your changes.

Set up IP access control

In the Access List section, enhance the security of KaseyaOne by listing the IP addresses from where users can access the portal and then enabling the IP Address Access List. Users will not be able to access KaseyaOne from IP addresses that are not listed here.

EXAMPLE List the IP addresses of all your office locations and of employees who are working from home.

Setting up and enabling an IP address access list adds an extra layer of security to a portal that provides Unified Login access to multiple applications.

To allowlist an IP address, do the following:

Navigate to the Admin Settings > Security view.
Click IP Access Control to expand the section. Your current IP address is listed under Access List and you cannot delete it — this prevents you from blocking your own access to your KaseyaOne account.
Click + Add. The Add IP Addresses popup window opens.
Complete the fields described in the following table:

Field	Description
IP Address *	Enter one or multiple IP addresses. Press Enter after each IP address to add it to the list. To remove an IP address, click on the X on the IP address tag. To specify an IP range, use CIDR notation (e.g. 192.168.1.1/24).
Note	This field is enabled if only one IP address was entered in the field above. If you are adding multiple addresses, you can add a note in the list once the addresses are saved.

Field

Description

IP Address *

Enter one or multiple IP addresses.

Press Enter after each IP address to add it to the list.
To remove an IP address, click on the X on the IP address tag.
To specify an IP range, use CIDR notation (e.g. 192.168.1.1/24).

Note

This field is enabled if only one IP address was entered in the field above. If you are adding multiple addresses, you can add a note in the list once the addresses are saved.

Click Add. The IP addresses are added to the list.
Turn on the Enable IP Address Access List toggle to enable the feature. Now users will only be able to access your KaseyaOne account from the IP addresses on your list.
To disable the feature, turn off the Enable IP Address Access List toggle.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.