Security Meter 

1. A security score in percentage
   
2. A security level classification based on the security score: unsecured, weak security, moderate security, and highly secure.
   
3. An option to view and manage the list of available security features.
   

General 

1. Configure account lockout threshold and duration:
   
1. Select the threshold for locking the user after the number of failed attempts.
   
2. Set the user account reset time in minutes.
   
3. Choose whether the account should be locked in only the user's computer or all computers.
   
4. Customize the alert message.
   
5. Choose to notify the technician via email or bell notification and select the preferred technician(s).

Locked users can be unlocked by clicking the link provided in the UI. 

1. Disable concurrent logins: Enable/disable concurrent logins for users.
   
2. Remove Exif Metadata: When an image is captured, Exif metadata stores all its background information. Select this option to remove exif metadata for all uploaded images.
   
3. Server Port and Protocol Configuration: Select the connection type (HTTP or HTTPS) and configure the server port for the application.
   
1. If HTTPS mode is enabled, upload an SSL certificate. Click Import SSL Certificate to add the certificate. Learn more.
   
4. Enable Keep me signed-in: Allow users to stay signed in to the application without needing to log in again for a specified number of days.
   
5. Enable Forgot Password: Enable users to click Forgot Password on the login page for local authentication. This will prompt a password reset link.
   
6. Session timeout configuration: Set a time limit (in minutes) for automatic log-out of inactive users.
   
7. Enable this option for the mobile app by checking Enable session timeout for mobile app and specifying the time limit.
   
8. Enable password protection for all file attachments: Enable this option to protect file attachments from unauthorized access. Specify a password for the files.
   
9. Show or restrict user fields to be displayed for technicians: Customize which user fields technicians can see. You can choose to show all fields or select which fields to include or exclude from the dropdown menu.

This configuration does not apply to technicians with SDAdmin role. 

Advanced 

1. Add security response headers: Enable this to add default security headers to protect the application from XSS, reflected XSS, and clickjack vulnerabilities. Select (+) and choose from the dropdown menu to add the security response headers.
   
2. Enable Domain dropdown during login: Enable this option to display domain names on the login page. If disabled, domain names will not be shown on the login page and will be chosen automatically based on user credentials.
   
1. Domain Filtering during login: Enable this to filter the domains listed on the login page to display only the ones relevant to the user.
   
3. Disable paste for password fields: Select this to prevent paste operation for all password fields.
   
4. Disable HTTP compression: Select this to prevent BREACH attack vulnerabilities.
   

This will increase network bandwidth and may impact application performance. 

1. Enable antivirus scanning for file uploads: Select this to enable antivirus scanning for file uploads using ICAP protocol.
   
2. Disable login details banner: Choose to prevent displaying past login data to users when they log into the app.
   
3. Enable rate limit for all actions and operations: Select this to allow all actions/operations to be performed regardless of the configured rate limit.
   
1. Enable push notification for SDAdmins when client request rate limit is reached.
   

Password Policy 

1. Select Enable password policy.
   
2. Set the minimum number of characters required for the password.
   
3. Specify if the password needs uppercase and lowercase letters.
   
4. Specify if the password needs to include special characters and symbols.
   
5. Specify if previous passwords can be reused and select the number of previous passwords that cannot be reused. (maximum of 8).
   
6. Set password expiry (in days).
   
7. Specify whether the username and password can be the same.
   
8. Enable Force password reset at first login: Select this to require users to change their password after their initial login.
   

Security Alerts