Home      FAQ      Forum      Idea Exchange      Ask a Question      My Stuff      Help   
  
Security Enhancements: Multi-factor Authentication and Session Inactivity Timeout
Hi,

I love this product!

I'm an Application Security specialist and I'd like to make a couple of suggestions in order to enhance the security of your site: 1. Multi-factor Authentication and 2. Session Inactivity timeout.

These two features are fairly simple to implement and will enhance your security significantly.

Thank you,
Dustin
ID
1290
Category
TeamDesk
Author

Dustin Lehr
Date Created
6/26/2019 8:58:46 AM
Date Updated
7/1/2019 9:05:24 AM
Status
New Idea
Score
10
Promoted By
Dustin Lehr
Comments
Slava Shinderov  Staff  6/26/2019 9:22:13 AM
@Dustin this functionality is available as part of TeamDesk Enterprise Edition:
https://www.teamdesk.net/help/14.1.3.aspx
Dustin Lehr 6/26/2019 9:26:48 AM
Ah, thanks for the link. I see that the Enterprise Edition does include a Session Timeout, but what about MFA?
Slava Shinderov  Staff  6/26/2019 9:45:48 AM
MFA can be implemented via Single Sign-on.
TeamDesk Enterprise supports SAML 2.0 as an SSO Protocol.
Jeff Aibel 7/1/2019 9:05:24 AM
You should add a 12 hour and 16 hour and 24 hour sign out option.

The rationale here is simple. If someone signs in at the beginning of an 8 hour shift (standard in the US) the system might sign them out before they are able to complete the documentation of their records. If we had a 12 hour option, they would remain signed in past the end of their shift allowing them to update their records without having to sign in again, but then would log them out if they simply forgot to.


Feedback
 
Back to Search Results