This article mentions what you can do on the "Security" page of Team admin.
This function is available on Enterprise plan.
Contents
・ Password policy
・ Login notification
・ Account lockout
・ Reset member's password
・ Session timeout
・ Login history
・ Security policy on Unipos
▼Password policy
You can set details for passwords such as the length, complexity, restrictions on using past passwords, and expiration.
▽How to set up
Click "Team Admin" in the sidebar.
>Click "Security" in the top right-hand corner.
>Click "Security Settings."
>Click "Password Policy" at the top of the page.
▽Password policy you can edit:
・Minimum number of letters for password (8 letters and up)
(The default setting is 8 letters.)
・Restrictions on password letters
You can choose the conditions on password letters from below:
・No restrictions
・Include half-width alphanumeric letters.
・Include half-width alphanumeric letters, upper-case letters, and lower-case letters.
・Include half-width alphanumeric letters and signs.
・Include half-width alphanumeric letters, upper-case letters, lower-case letters, and signs.
・Restrictions on using past passwords
You can choose whether users are allowed to reuse their past passwords.
Example) If you set "1 generation", users can't reuse their previous password but can reuse any passwords older than that.
・Password expiration
You can set up expiration period for users' passwords.
Example) If you set "90 days", passwords will be expired 90 days after registration and will need resetting.
▼Login notification
Users can receive a login notification when they login to Unipos. This will allow users to identify unauthorized login by third parties in a timely manner.
▽How to set up
Click "Team Admin" in the sidebar.
>Click "Security" in the top right-hand corner.
>Click "Security Settings."
>Click "Login Notification", and "Edit"
Click "Send" and save.
▼Account lockout
This function is available to protect accounts from attackers' attempts to guess users' passwords. If login attempts keep falling through after a certain number of times, the account will be locked for a designated period of time.
This is applicable when users themselves fail to enter their correct user name and password.
▽How to set up account lockout
Click "Team Admin" in the sidebar.
>Click "Security" in the top right-hand corner.
>Click "Security Settings."
>Scroll down to "Account Lockout."
Set up the number of login failures and account lockout time.
▽What you can modify
・The number of login failures allowed before the account is locked.
・The length of time before the account lockout is cancelled.
▽When an account is locked...
・The account can't be accessed even when the correct password is entered.
(Account lockout won't be notified on the login screen.)
・An e-mail will be sent to the entered e-mail address to notify that there may have been unauthorized login attempts.
*If you need to use the locked account right away, please reset your password here or request the admin to reset your password.
▼Reset member's password
Use this function when:
・You want to protect an account.
・You want to unlock an account.
・You want to reset a password for a user who has forgotten their password.
▽How to set up
Click "Team Admin" in the sidebar
> Click "Member" in the top right-hand corner.
> Choose a member you want to reset the password for.
> Click "Reset Password."
> Click "Reset."
The member will receive an e-mail to reset the password.
▽What happens when I reset password?
You can deactivate the member's password from "Edit Members" screen.
By activating this function, ALL of the Unipos users will be automatically logged out.
Click here to reset password.
*You can reset password one by one from the "Member" page.
*You can't reset all passwords at once.
▼Session timeout ※Only web version
This feature mitigates the risk of exposure to the network when a member is away from their computer while they are still logged in.
By activating this function, user will be logged out when they don't perform any action for a certain period of time.
▽How to set up Session Timeout
Click "Team Admin" in the sidebar.
>Click "Security" in the top right-hand corner.
>Click "Security Settings."
>Scroll down to the bottom of the page and click "Session Timeout."
Enter the period of time in a half-width number.
▼Note:
* This function is available only on the web platform.
* This setting will be deactivated by leaving the time field blank.
* When the SSO (Single Sign-On) setting is activated, members are not able to log in from the regular login screen.
Please inform the SSO login method to the members beforehand.
▼Login history
The system admin can monitor all the login attempt history on Unipos.
▽How to check login history
> Click "Security" in the top right-hand corner.
> Click "Security Settings."
> Click "Login History."
Please follow the procedures above to see login history.
▽Here are the things an admin can monitor
Whether login was successful over the past 180 days.
The following information will be displayed:
・Date and time
・E-mail address used for login
・OS/browser information
・IP address
* You can search by e-mail address only. (Your input must exactly match the registered e-mail address.)
* The e-mail address used for login will be displayed. Please note members may have changed their registered e-mail address.
* If you leave the e-mail address field blank, you can see the login history for all accounts.
▼Security policy on Unipos
Transmission encryption All transmission is encrypted with SSL/TLS.
Database encryption All of our data stored by our members are valuable. Our data is saved in the encrypted database.
Reliable data center
Google has proven performance and excellent reliability. We proudly use Google Cloud Platform: https://unipos-support.zendesk.com/knowledge/articles/360031102672/ja?brand_id=360002333191
Cleared vulnerability assessment based on international security standard
Unipos has cleared a vulnerability assessment performed by a third-party organization. The assessment was based on ASVS 3.0 Level 1, which is an international diagnostic standard for software systems.
Secure information management
Unipos has obtained international security standard, ISO27001 (ISMS). We continue to strive for secure information management through third-party security audit.