For ClearPoint administrators looking to improve the security of their users' accounts, the Organization and Security menu offers excellent solutions.
Organization Details
You can change the organization name and contacts on the Organization Details tab.
From the Control Panel click on System Settings
Select System Setup
Click Organization and Security under Standard Features
Under Organization Name, enter the name you would like to be displayed in the upper left-hand corner of ClearPoint
You can also enter an Industry
Under Primary Mailing Address, you can input the best mailing address to receive special ClearPoint packages!
Under Points of Contact, you can fill out contact information for
Account Administrators
Billing Contacts
Decisionmakers
Technical Admins
Options
On the Options tab, you can select a few account-wide settings.
From the Control Panel click on System Settings
Select System Setup
Click Organization and Security under Standard Features
Navigate to the Options tab
Use the Default Currency dropdown menu to select a currency for your account.
Check the box next to Prevent Users From Changing Home Page if you don’t want users to be able to change their home page.
Check the box next to Lock Account if you don’t want anyone logging into ClearPoint at this point.
You can adjust the Locked Account Message to better communicate the reason why they cannot log in.
Inserting a Custom Logout URL will automatically send users to the destination of the
URL when they log out of ClearPoint.
This is a great option for any organization that uses Single Sign On (SSO) as you can redirect users to your application dashboard page, rather than our login page.
You could also choose to send users to a specific page, like maybe a blog about how wonderful ClearPoint is!
Security
On the Security tab, you can configure password and content security options.
From the Control Panel click on System Settings
Select System Setup
Click Organization and Security under Standard Features
Navigate to the Security tab
Password Validation Regular Expression controls the characters required for passwords to ClearPoint.
Password Validation Message is how you can communicate the password requirements to your users.
This will appear on the login screen when they are creating a new password.
Clicking on the check box next to Require Two-Factor Authentication will require that all
of your users go through Two-Factor Authentication upon logging in.
To learn how this works, check out this Help Center article.
Checking the box next to Prevent Multiple Logins is useful if you do not want multiple people using the same login credentials.
Users will be kicked out of ClearPoint if someone attempts to log in with the same credentials.
Checking the box next to Expire Passwords Every 90 Days will force your users to reset their password upon logging in every 90 days.
It is recommended to have users reset their passwords regularly.
Checking the box next to Reset All Passwords will require that every user in your account resets their password the next time they log in.
Under Context Security, you can select an option from the Invalid Content Policy dropdown menu.
The default option in this menu is Warn and Auto-Clean Invalid Content, however, there are other options in this menu.
It is possible that while you are navigating around ClearPoint, you come across a red message that states: “Warning: Invalid or potentially dangerous content was filtered out of this field. Please contact [email protected] for more information.”
This message indicates that the field’s HTML has potential for cross-site scripting, a security vulnerability allowing a user to alter the code that an application delivers to a user which is executed in the user’s web browser. We implemented a tool that searches for this vulnerable HTML and auto cleans it.
The Invalid Content Policy dropdown menu controls the options on this tool.
For more information about this, feel free to read this article that explains how we approached preventing cross-site scripting.