Which Workspace Security Settings Are Available?
Workspace security is mostly managed via user roles. However, some additional workspace security settings are available.
Here are the steps to edit security settings: - Login to your workspace
- On the left pane, click on "Settings > Security"
- Click on the "Settings" tab (if needed)
Here are available settings:
- Log Users Out When Inactive For
- This option allows you to enforce an auto-logout timeout for all users. This is useful if you do not want users to choose their auto-logout timeout.
- All Login Emails Must Include
- This option allows you to require that all users who log in have a certain string in their email address to login. This can be a domain name (ex: @domain1.com), a full email address (ex: admin@domain1.com), or a partial string (ex: "domain1"). Users whose email address do not match the string will not be able to login. You can specify multiple values by separating them using "," or ";" characters. When changing this parameter, we will verify that the change will not result in you getting locked out.
- All Login Methods Must Include
- This option allows you to require that users log in via specific providers such as SalesForce, QuickBooks, etc. You can specify multiple values by separating them using "," or ";" characters. When changing this parameter, we will verify that the change will not result in you getting locked out.
- Restrict Access to IPs
- This option allows you to require that all users who log in come from a specific IP range. This can be a single IP (ex: 148.20.57.0), a simple IP range (ex: 148.20.57.0-148.20.57.3), an IP block (ex: 148.20.57.0/30), an IPV6 range (ex: fe80::/10), an IP range shortcut (ex: 192.168.10.10-20), etc. Users whose email address do not match the range will not be able to login. You can specify multiple values by separating them using "," or ";" characters. When changing this parameter, we will verify that the change will not result in you getting locked out.
- Delete Transactions Older Than
- By default, transactions in excess of 100,000 are always deleted. However, you can avoid storing outdated transactions by configuring this option (as a data retention precaution). Note that when transaction are deleted because of data retention, associated credits are not deleted (unlike when you manually delete transactions).
- Protect Data Storage
- This option is enabled by default and allows you to use SQL transparent data encryption. You can learn more about this topic here. Using this option, database files on disk are always encrypted. Even operations such as importing or viewing transactions results in pages of data being encrypted and decrypted real-time. This is effective in protecting database files on disk from theft as they become useless without the key. In the future, we may add "bring your own key" capabilities.
- Limited Admins Cannot View Billing
- This option prevents limited admins from viewing billing details. While we do not store your credit card, this is useful if you want to prevent limited admins from reviewing charges, the last 4 digit of your credit card, your billing address, etc.
- Limited Admins Cannot View The Catalog
- This option prevents limited admins from viewing the product catalog. While limited admins cannot edit product catalog settings, this is useful if you want to prevent limited admins from accessing product information such as sales price, percent margin, etc.
- Limited Admins Cannot View Currencies
- This option prevents limited admins from viewing currency settings. While limited admins cannot edit currency settings, this is useful if you want to prevent limited admins from accessing currency information such as exchange rates. Note that limited admins who are promoted to plan admins will be able to review calculation logs, and learn exchange rates from those logs.
- Limited Admins Cannot View Dashboard Settings
- This option prevents limited admins from viewing personal incentive dashboard settings. While limited admins cannot edit dashboard settings, this is useful if you want to prevent limited admins from viewing how incentive dashboards are configured.
- Limited Admins Cannot View Security Settings
- This option prevents limited admins from viewing security settings. While limited admins cannot edit security settings, this is useful if you want to prevent limited admins from accessing security settings - including security limitations applied to them.
- Limited Admins Cannot View Transactions
- This option prevents limited admins from viewing transaction data. While limited admins cannot edit transaction data, this is useful if you want to prevent limited admins from accessing transaction details. Note that limited admins who are promoted to plan admins will be able to review calculation logs, and learn some transaction details from those logs.
Related Articles
Which Workspace Time Zone Settings Are Available?
Your sales teams may reside in different time zones. However, when processing transactions to perform incentive calculations, we need to use a reference time zone. Your workspace's reference time zone is used by all calculations to determine whether ...
Which Workspace Currency Settings Are Available?
Sales Cookie understands non-ambiguous symbols such as 'USD' or '€'. However, when processing transactions, we may encounter ambiguous currency symbols such as '$' (does it mean US or Australian Dollar?). Workspace currency settings help us ...
Which Personal Incentive Dashboard Settings Are Available?
Here are the steps to customize personal incentive dashboards: Login to your workspace On the left pane, click on "Settings > Dashboards" Click on the "Settings" tab (if needed) Here are available settings: Announcements This option on the ...
What Is A Workspace?
A workspace is a secure container with all your participants, sales incentive plan configuration, sales transactions, reports, etc. Good to know: Each workspace contains all your configuration and settings Most organizations will only use one single ...
What Is A Production Workspace?
A production workspace is a "real workspace" in the sense that it does not include demo data. You should use a production workspace when you are ready to implement your sales incentive program. You can also use production workspaces for experiments. ...