Security Settings

To create a new System User:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of System Users and Permitted Users for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Above the list of existing System Users, click new user. The "Create New User" pop-up window is displayed.

3. Enter the user's personal information:

• First Name: Enter the user's first name.

• Last Name: Enter the user's last name.

• Job Title: Enter the user's job title.

• Email Address: Enter the user's email address.

• Phone: Enter the user's phone number.

• User Login: Enter the user's login username.

4. If you want the user account to be active, place a check mark in the "User Active" check box.

5. To force the user to enter a new password the first time he or she logs in, place a check mark in the "Change Password" check box. In the "Password" field, enter a temporary, one-use password. Enter this same password again in the "Confirm Password" field.

6. To send a "welcome" email to the new user, click save and send email. Or, if you're not yet ready to send the "welcome" email, click save.

7. The user is added to the “System Users” section. Optionally, to assign various defaults to the user, click the padlock icon next to the user’s name. The "Edit User Access Rights" pop-up window is displayed. This window allows you to add this new user to one or more Access Groups.

8. Within the "Defaults" section, enter the user's default settings:

• Data Source: Select the user's default data source. This option will be selected by default when the user creates items in the platform, such as Campaigns or Filters.

• Folder: Select the user's default folder location. This option will be selected by default when the user creates new foldered items.

8. Within the "Access Groups" section, place a check mark next to the desired client account (for a new user, only the currently selected client account will be available).

9. From the "Add an Access Group" drop-down menu, select the desired Access Group.

10. Optionally, to add the user to additional Access Groups, repeat step 9 as needed.

11. When finished, click save access rights.

 

To view or edit a user's information:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of System Users and Permitted Users for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Click on the desired user's name. The "Edit User Details" pop-up window is displayed.

3. Optionally, make any necessary changes to the user's personal information:

• First Name: Change the user's first name.

• Last Name: Change the user's last name.

• Job Title: Change the user's job title.

• Email Address: Change the user's email address.

• Phone: Change the user's phone number.

• User Login: Change the user's login username.

4. Optionally, to deactivate the user account, remove the check mark from the "User Active" check box.

Note: User accounts can also be activated / deactivated directly from the Security Settings screen. See "Activate / Deactivate a User" below for more information.

5. Optionally, to force the user to enter a new password the next time he or she logs in, place a check mark in the "Change Password" check box. This option overrides the password expiration rules defined for this user.

6. Click save user.

 

From the Security Settings screen, you can activate or deactivate a user account.

Note: User accounts can also be activated / deactivated from the "Edit User Details" pop-up window. See View or Edit User Details for more information.

To deactivate a user account:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of System Users and Permitted Users for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Next to the desired user's name, click the green check mark icon. A confirmation dialog box is displayed; click ok.

To activate a user account:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of System Users and Permitted Users for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Next to the desired user's name, click the red exclamation point icon. A confirmation dialog box is displayed; click ok.

 

To view or edit a user's access rights:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of System Users and Permitted Users for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Next to the desired user's name, click the padlock icon. The "Edit User Access Rights" pop-up window is displayed.

3. Within the "Defaults" section, optionally modify the user's default settings:

• Data Source: Select the user's default data source. This option will be selected by default when the user creates items in the platform, such as Campaigns or Filters.

• Folder: Select the user's default folder location. This option will be selected by default when the user creates new foldered items.

4. To add the user to a new client account, place a check mark next to the desired client account.

5. Optionally, modify the user's membership in an Access Group:

• To add the user to a new Access Group, select the desired group from the "Add an Access Group" drop-down menu.

• To remove the user from an Access Group, click the remove button ("X" icon) next to the desired group.

6. When finished, click save access rights.

 

The Security Settings screen allows you to view and edit your own Logon Policies, which includes password information and other details related to accessing the Messaging platform.

To view or edit your logon policies:

1. On the Security Settings screen, in the "Logon Policy" field, click the "Edit Current Logon Policies" link. The "Edit Logon Policies" pop-up window is displayed and populated with your current logon policies.

Note: If this is the first time you're viewing your Logon Policies, you may need to click enable logon policies to enable this feature.

2. The "Password Complexity" section allows you to define the rules regarding your user passwords. Within this section, you can define the following options:

• Complexity: Messaging supports four different character types from which you can construct a password -- lowercase letters, uppercase letters, digits, and special characters. In addition, all passwords must conform to the minimum length requirement (defined below). From the "Complexity" drop-down menu, select how many of these character types are required for a valid password. The options are "Minimum Length + 3 others" or "Minimum Length + 4 others."

• Minimum Length: In the "Minimum Length" field, enter the required minimum length for your password.

• Complexity: Depending on what you selected from the "Complexity" drop-down menu above, check exactly three check boxes, or check all four check boxes.

3. The "Password Age" section allows you to define the rules regarding your password expiration. Within this section, you can define the following options:

• Minimum Age: Enter the required minimum number of days that must pass before you can change your password again.

• Maximum Age: Enter the required maximum number of days after which the system will force you to change your password.

• May Not Use Last: Optionally, you can be prohibited from reusing previous passwords. Enter the number of past passwords that can't be reused.

• Session Expiration: Enter the time period (in minutes) of inactivity before the system will automatically log you off.

• Expiration Warning: Enter the time period (in minutes) prior to being automatically logged off when the system will display a session expiration warning. This warning allows you to extend your session.

4. The "Password Reset Configuration" section allows you to define the rules that control password reset links. When a user needs to reset their password, the platform emails them a link containing a token; the token allows the user to reset their password. The default behavior for this token is to remain valid for a certain period of time (default period is 24 hours), and then deactivate the token once the user changes their password. This behavior allows the user to click the link multiple times within the expiration period. Optionally, check Deactivate token after first click to change this behavior to deactivate the token after the first time the user clicks the link. 

5. The "Login Attempts" section allows you to define the user account deactivation rules. Within this section, you can define the following options:

• Login Attempt: Enter the maximum allowable number of unsuccessful logon attempts before the system locks your account.

• Deactivate After: Select the time period (in days) after which the system will automatically deactivate your account if there's no logon activity. The options are 15, 30, or 60 days.

• Delete After: Select the time period (in days) after which the system will automatically delete your account if there's no logon activity. The options are 80, 100, or 120 days.

6. The "API Keys" section allows you to define the rules regarding API authentication (see API Authentication for more details on how to request an API token). Within this section, you can define the following options:

• Login Attempts: Enter the maximum allowable number of unsuccessful API token requests before the system locks your account

• Deactivate Token After: Select the time period (in hours) after which the system will automatically deactivate your API token, and require you to request a new token.

7. When finished, click save policy.

By default, the platform comes with five Access Groups that are typically sufficient for most needs. These groups can be edited (see "View or Edit an Access Group" below), or new groups can be created, if needed.

To create a new Access Group:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of Access Groups for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Above the list of existing Access Groups, click new group. The "Edit Access Group Rights" pop-up window is displayed.

3. In the "Group Name" field, enter a name for this new Access Group.

4. The "Edit Access Group Rights" pop-up window displays a list of all the various features and options within the platform, organized into functional areas, such as "Campaigns" or "Reporting," for example. For each feature, place a check mark next to the permissible actions allowed by users in this Access Group. The available actions will vary between functional areas. For example, the Campaign section includes all the different channels, and you can configure the ability to "Read," "Create," "Update," "Delete," "Proof," "Launch," and / or "Approve" a Campaign for each channel. The pop-up window provides the following features to make it easier to make the desired selections:

• The "Jump to" section at the bottom of the window allows you to quickly navigate between the different functional areas.

• To check all of the check boxes within a column, click the column header. Click the column header again to uncheck all the check boxes in this column.

• To check all of the check boxes within a row, click the feature name. Click the feature name again to uncheck all the check boxes in this row.

• To check all of the check boxes within a functional area, click the "Select all" link in the top-right corner of the functional area. Click this link again to uncheck all the check boxes in this area.

• To check all of the check boxes, across all functional areas, click the "Select all" link within the "Jump to" section. Click this link again to uncheck all of the check boxes across all functional areas.

5. When finished, click save group.

 

By default, the platform comes with five Access Groups that are typically sufficient for most needs. These groups can be edited, or new groups can be created (see "Create a New Access Group" above), if needed.

To view or edit an existing Access Group:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of Access Groups for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Click the desired Access Group. The "Edit Access Group Rights" pop-up window is displayed and populated with the current permission settings for this group.

3. Optionally, in the "Group Name" field, enter a new name for this new Access Group.

4. The "Edit Access Group Rights" pop-up window displays a list of all the various features and options within the platform, organized into functional areas, such as "Campaigns" or "Reporting," for example. If necessary, check or uncheck the permissible actions allowed by users in this Access Group. The pop-up window provides the following features to make it easier to make the desired modifications:

• The "Jump to" section at the bottom of the window allows you to quickly navigate between the different functional areas.

• To check all of the check boxes within a column, click the column header. Click the column header again to uncheck all the check boxes in this column.

• To check all of the check boxes within a row, click the feature name. Click the feature name again to uncheck all the check boxes in this row.

• To check all of the check boxes within a functional area, click the "Select all" link in the top-right corner of the functional area. Click this link again to uncheck all the check boxes in this area.

• To check all of the check boxes, across all functional areas, click the "Select all" link within the "Jump to" section. Click this link again to uncheck all of the check boxes across all functional areas.

5. When finished, click save group.

 

Clients who need to restrict user access to the Messaging application can define a whitelist of valid IP addresses from which their users must access the platform. For example, if you want to force your users to log into the application only from their work computers, you could whitelist your corporate IP address. The whitelisted IP addresses are assigned to an Access Group, so that any user who is then assigned to this Access Group must conform to the IP address restriction.

To define a Whitelist IP Address for an Access Group:

1. If you have access to multiple client accounts, the pane along the left-hand side of the Security Settings screen lists all of these accounts. Click on the desired account. The Security Settings screen is refreshed to show the list of Access Groups for this account. If an account has been configured with a Parent / Child architecture, click the arrow icon next to the Parent system to expand it, and view a list of all the Child systems.

2. Next to the desired Access Group name, click the IP Whitelist icon. The "Edit IP Whitelist" pop-up window is displayed and populated with any previously-assigned IP addresses.

3. To enter a new IP address, select the type of IP address:

Single AddressSingle Address

Address RangeAddress Range

Classless Inter-Domain Routing (CIDR)Classless Inter-Domain Routing (CIDR)

4. If you need to remove an IP address from the whitelist, click the remove button ("X" icon). A confirmation dialog box is displayed. Click delete record.

5. When finished, click close.