iMeet® Central for Enterprise plans and iMeet Central for Agency plans include Advanced Security Settings. These settings include Password Security, Trusted Email Domains, and Trusted IP Addresses.
The Advanced Security Settings can be located by going to the company admin menu (gear icon in the top right) and selecting Company Setup > Advanced > Enhanced Security
Password Security
There are three core password parameters which companies often choose to set. These parameters are:
- Password complexity requirements
- Password length
- Password change frequency
In addition, the "Remember Me" feature can be disabled such that users always have to enter their username and password to enter the site. The password security settings will trigger as long as members sign in using the company login page (companyshortname.imeetcentral.com).
Trusted Addresses
iMeet Central's major advantages include the Email Digests and Email Notifications through which members are kept informed. However, administrators may not want the sensitive information contained in digests and notifications to reside on foreign email servers.
Trusted Email Domain
The Trusted Email Domains are those domains where full email digests and notifications are sent. All other domains are considered untrusted. Untrusted domains are not sent the details normally included in Email Digests and Notifications. Untrusted domains are instead, emailed a generic notification indicating the member should log in for additional details. This prevents sensitive information from residing on untrusted email servers.
Trusted IP Addresses
To provide added security, iMeet Central account access can be limited to specific IPs or IP ranges. This restricts members from accessing iMeet Central from computers other than those coming from the specified IP address. This can be used to restrict access to the corporate network, for example, and prevent users from accessing the network from home or other locations.
Defense
Clickjack/UI Redress
Enabling this feature does not allow the iMeet Central application to be iframed on an external website. This will protect against "clickjacking," which is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on at the time.
In addition, the "Remember Me" feature can be disabled such that users always have to enter their username and password to enter the site. The password security settings will trigger as long as members sign in using the company login page (companyshortname.imeetcentral.com).