Configure Security Settings to protect AssetExplorer from vulnerabilities, unauthorized access, and breach attacks.
To access security settings, go to Admin > General Settings > Security Settings.
Security Meter
The Security Settings configuration page shows a Security Meter to track and assess the effectiveness of your setup based on the various security settings used. The meter displays the following:
- A security score in percentage
- A security level classification based on the security score: unsecured, weak security, moderate security, and highly secure.
- An option to view and manage the list of available security features.
General
Use the pointers below to configure the General tab in Security Settings.
- Configure account lockout threshold and duration:
- Select the threshold for locking the user after the number of failed attempts.
- Set the user account reset time in minutes.
- Choose whether the account should be locked in only the user's computer or all computers.
- Customize the alert message.
- Choose to notify the technician via email or bell notification and select the preferred technician(s).
Locked users can be unlocked by clicking the link provided in the UI.
- Disable concurrent logins: Enable/disable concurrent logins for users.
- Remove Exif Metadata: When an image is captured, Exif metadata stores all its background information. Select this option to remove exif metadata for all uploaded images.
- Server Port and Protocol Configuration: Select the connection type (HTTP or HTTPS) and configure the server port for the application.
- If HTTPS mode is enabled, upload an SSL certificate. Click Import SSL Certificate to add the certificate. Learn more.
- Enable Keep me signed-in: Allow users to stay signed in to the application without needing to log in again for a specified number of days.
- Enable Forgot Password: Enable users to click Forgot Password on the login page for local authentication. This will prompt a password reset link.
- Session timeout configuration: Set a time limit (in minutes) for automatic log-out of inactive users.
- Enable this option for the mobile app by checking Enable session timeout for mobile app and specifying the time limit.
- Enable password protection for all file attachments: Enable this option to protect file attachments from unauthorized access. Specify a password for the files.
- Show or restrict user fields to be displayed for technicians: Customize which user fields technicians can see. You can choose to show all fields or select which fields to include or exclude from the dropdown menu.
This configuration does not apply to technicians with SDAdmin role.
Advanced
Use the pointers below to configure the Advanced tab in Security Settings.
- Add security response headers: Enable this to add default security headers to protect the application from XSS, reflected XSS, and clickjack vulnerabilities. Select (+) and choose from the dropdown menu to add the security response headers.
- Enable Domain dropdown during login: Enable this option to display domain names on the login page. If disabled, domain names will not be shown on the login page and will be chosen automatically based on user credentials.
- Domain Filtering during login: Enable this to filter the domains listed on the login page to display only the ones relevant to the user.
- Disable paste for password fields: Select this to prevent paste operation for all password fields.
- Disable HTTP compression: Select this to prevent BREACH attack vulnerabilities.
This will increase network bandwidth and may impact application performance.
- Enable antivirus scanning for file uploads: Select this to enable antivirus scanning for file uploads using ICAP protocol.
- Disable login details banner: Choose to prevent displaying past login data to users when they log into the app.
- Enable rate limit for all actions and operations: Select this to allow all actions/operations to be performed regardless of the configured rate limit.
- Enable push notification for SDAdmins when client request rate limit is reached.
Password Policy
To configure the password policy,
- Select Enable password policy.
- Set the minimum number of characters required for the password.
- Specify if the password needs uppercase and lowercase letters.
- Specify if the password needs to include special characters and symbols.
- Specify if previous passwords can be reused and select the number of previous passwords that cannot be reused. (maximum of 8).
- Set password expiry (in days).
- Specify whether the username and password can be the same.
- Enable Force password reset at first login: Select this to require users to change their password after their initial login.
Security Alerts
Security alerts allow you to input information for receiving notifications regarding security updates and subscription expiry.
Provide the Organization Name, Contact Email, Phone, and Country.
Related Articles
Proxy Settings
Configure a proxy server in AssetExplorer to establish a secure connection between your organization and other servers. Role required: SDAdmin To configure proxy settings, go to Admin > General Settings > Proxy Settings. Use the pointers below to ...
Outgoing Mail Server Settings
Role Required: SDAdmin Configure your organization's mail server to send emails and trigger notifications through AssetExplorer. You can use email protocols (SMTP/SMTPS), Exchange Web Services (EWS), or Microsoft Graph to connect to the external ...
Printer Settings and Browser configurations
Browser Settings Navigate to File menu > Page setup > Margins and Headers/Footers. Change the Top, Left, Right, and the Bottom Margins to 0.0. Change all the Headers and Footers to "--blank--". Printer Settings Navigate to Control Panel > Hardware ...
Custom Settings - Report Settings
Custom settings allow you to modify the structure of the report. Role Required: SDAdmin, Technicians with Complete Access to reports. To access custom settings, Go to the Reports tab. Click Custom Settings. Customize your report using the following ...
Performance Settings
Performance Settings improve the performance and stability of the application. Role Required: SDAdmin To access performance settings, go to Admin > General Settings > Performance Settings. General To optimize performance, go to the General tab under ...