Manage KaseyaOne security

NAVIGATION  Left navigation menu > Admin Settings > Security

SECURITY  Master role

In the Admin Settings > Security view, you can do the following:

  • Manage the password requirements for users logging in to KaseyaOne. It's important to define a password policy that will establish a standard for creating secure passwords and protecting passwords. Refer to Modify the password policy.
  • Enable the IP Address Access List feature. This allows you to set from which IPs users can log in to their KaseyaOne account, to block IP addresses, and ultimately protect your business from unauthorized logins. Refer to Enable and configure an IP address access list.
  • Allowlist the IP addresses from where you will be able to log in. Refer to Enable and configure an IP address access list.

How to...

It's important to define a password policy that will establish a standard for creating secure passwords and protecting passwords. This allows you to protect your business from cyber criminals trying to gain access to your data.

Master users are able to change the password requirements for KaseyaOne.

To modify the default password policy, do the following:

  1. Navigate to Admin Settings > Security view.
  2. Click Password Policy to expand the section.
  3. Configure the following fields:

Field Description

Minimum password length

Defaults to 8. This must be a value between 8 and 64.

Number of consecutive failed login attempts allowed before account disabling

Defaults to 5. Enter any value higher than 5.

Length of time to disable account after max login failures exceeded

The length of time must be between 1 minute and 23 hours and 59 minutes.

  1. Click Update to save your changes.

In the Access List section, enhance the security of KaseyaOne by enabling the IP Address Access List feature and then listing the IP addresses from where users can access the portal. Users will not be able to access KaseyaOne from IP addresses that are not listed here.

EXAMPLE  You are listing the IP addresses of all your office locations, and of employees who are working from home.

Enabling this feature adds a layer of security to a portal that provides Unified Login access to multiple applications.

To allowlist an IP address, do the following:

  1. Navigate to the Admin Settings > Security view.
  2. Click IP Access Control to expand the section. Your current IP address is listed under Access List and you cannot delete it — this prevents you from blocking your own access to your KaseyaOne account.
  3. Click + Add. The Add IP Addresses popup window opens.
  4. Complete the fields described in the following table:
Field Description

IP Address *

Enter one or multiple IP addresses.

  • Press Enter after each IP address to add it to the list.

  • To remove an IP address, click on the X on the IP address tag.

  • To specify an IP range, use CIDR notation (e.g. 192.168.1.1/24).

Note

This field is enabled if only one IP address was entered in the field above. If you are adding multiple addresses, you can add a note in the list once the addresses are saved.

  1. Click Add. The IP addresses are added to the list.

  2. Turn on the Enable IP Address Access List toggle to enable the feature. Now users will only be able to access your KaseyaOne account from the IP addresses on your list.

  3. To disable the feature, turn off the Enable IP Address Access List toggle.

If you are managing a large number of IP addresses, you can use the Search keywords... field to locate a specific address. You can search for components of the IP address or keywords in the Notes field.

You can add or edit notes associated with IP addresses at any time.

Click the check mark to save your note.

To delete an IP address that is no longer valid, click the trash can symbol, and then confirm the deletion.