Security Administration

User login security can be administered at an organization level, as well as at the employee level.  

Quickly navigate to procedures included in this topic by clicking one of the links below:

To Set Organization-wide Login Security Settings

To Set Employee Security

Organization-Wide Login Security

To Set Organization-wide Login Security Settings

Administrator rights are required to set the organization login security.

1. On the Utility menu, click SETUP.
2. In the Setup Console, click Security Administration. The security policy tab is displayed.

3. Click Edit for each Rule Description, select a Value and decide whether an Effective Date and Expiration Date are needed. The date range can be set to determine within what dates the rule will be applied. An explanation of each Rule Description as it applies to the organization is as follows:

Note: Rules marked with a red asterisk do not apply to the security policy for external Access Portal users. There is no need to make a selection for those rules if a user of the Access Portal is being set up.

• Enable access time restriction for users: A time range can be set in which staff members can log on to Nexsure.
• Default time of day after which user is allowed to login: A time can be set after which staff members will be allowed to log on to Nexsure.
• Default time of day after which user is not allowed to login: A time can be set after which staff members are not allowed to log on to Nexsure.

• Is Saturday access allowed by default?: Settings can allow staff members access on Saturdays.
• Is Sunday access allowed by default?: Settings can allow staff members access on Sundays.

1. Default time zone for this organization: A default time zone can be set for all staff members.
2. Requires users to change password on their first login: Staff members can be required to change their passwords the first time they log on to Nexsure.
3. Number of days before users are required to change password: The number of days can be set to determine when staff members will be required to change their Password.

• Number of previous passwords that cannot be reused: The number of previous passwords that cannot be used again can be set.
• Minimum number of characters in a password: The minimum number of characters in a Password can be set.
• Require that passwords contain mixed upper and lower case characters: The setting to require that passwords contain both upper and lower case alpha characters can be set.
• Require that passwords contain at least one numeric character: Numeric characters can be required within passwords set on or between the selected dates.
• Require that passwords contain at least one special character: Special characters can be required within passwords set on or between the selected dates. Special characters are as follows: ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
• Enable user login expiration date and time: Dates can be set so that all staff member's Login Names and Passwords expire.
• When user does not login during this number of days, their account is disabled (enter 0 to disable this rule): A staff member's account can be disabled if they do not log on within a set number of days.
• Number of unsuccessful login attempts before login name is locked: The number of unsuccessful attempts can be set before a Login Name becomes locked.
• Number of minutes before locked login name is unlocked: The number of minutes can be set to determine how long a locked Login Name and Password will remain locked.
• Send email notification upon user login?: A notification can be sent each time a staff member logs on to Nexsure.
• Email address to notify upon user login: A notification can be sent to a specific email address each time a staff member logs on to Nexsure.

Note: When the Effective Date is blank, the rule takes effect immediately. When the Expiration Date is blank, the rule remains in effect indefinitely.

4. Click Update to save the rule settings.

Or

Click Cancel to ignore any updates to the rule.

Or

Click Reset to Default to change all rules to the organization default settings.

Tip: Click the Access Log tab to view a time stamped list of all logon activity in the organization.

Employee-Specific Login Security

In addition to the organization's security defaults, individual employees can have specific security settings that supersede the organization defaults. Administrative rights are required to modify employee logon security settings.

To Set Employee Security

1. On the Primary menu, click ORGANIZATION.
2. Select the employees tab.
3. Click the Details icon next to the employee to update.
4. Select the security tab. The security tab is displayed. The security tab will not be available if the employee was not previously given login security rights. For more information about making an employee a user, see Adding Employees.

5. In the Login Information section, the following settings are available:

• New password: Enter a new password for the staff member.
• Confirm new password: Re-enter the new password for the staff member.
• Time zone: Select the appropriate time zone for the staff member.

Note: This time zone setting can be overridden by selections made on the user preferences tab. See the Preference Settings topic for more information.

• Automatically adjust clock for Daylight Savings Time (DST): Select this check box to automatically adjust the staff member's clock in Nexsure.
• Login expiration date and time: Enter the date and time the staff member's access to Nexsure will expire. Enter the time in the following format: HH:MM:SS AM or PM. (The seconds are not required.) If no time is entered, the system will default to 12:00 AM. This setting is useful if there is a temporary staff member that will only need access for a specified time frame.
• Change of password required: Select this check box to require the staff member to change their password the first time they log on to Nexsure.
• Access allowed from / until: Select the hours that this staff member can access Nexsure. Leaving these boxes blank allows 24 hour access.
• Notify admin upon login: Select this check box to send a notification to the Nexsure administrator each time the staff member logs on to Nexsure.
• Allow login on Saturday / Sunday: These options are selected by default. To restrict access on these days, clear the check boxes.
• Login disabled:Selecting this option restricts access for the staff member. If a member's login becomes disabled, this is the setting that an administrator can clear to unlock the member's account.

6. In the Navigation Toolbar, click Save. The employee security settings are saved.

Related Topics

Adding Employees

Employee Login Security