How-To: Setting Policies for User Token Expiration, Account Locking and Template Security

Vena Support Team
Vena Support Team
  • Updated

Ensure your data is secure by implementing User Token Expiration, Account Locking and Template Security functionality easily from the Admin tab.

 

Why use this feature?

Vena has a variety of security features that you can use to ensure that your data is secure. In addition to Data and Application Permissions, Admins can use Vena's User Token Expiration, Account Locking and Template Security policies to provide additional layers of protection.

User Token Expiration (session expiration) allows Admins to set limits on idle time before a session automatically expires. This ensures that unattended browsers will automatically timeout after a set time period. 

Account Locking functionality allows Admins to define the scope of the locking behavior for users logging into Vena.

Template Security allows Admins to define IP address restrictions that require users to re-authenticate if their IP addresses change from the IP addresses registered when the user initially logged in.

 

Before you begin

In order to follow the instructions described in this article, you must have Admin access.

 

Table of contents

How to

 

How to

Set User Token Expiration policies 

  1. Navigate to the Admin tab.
  2. Select the Policies page.
  3. Select the Security tab.
    setting policies 1.jpg
  4. Locate the User Token Expiration Policies setting.
    02UserToken.jpg
    A
    Token expiration duration (minutes) (0 means infinite)
    : Admins can enter a number in this textbox for the amount of time (in minutes) after which the session will time out and the user will be automatically logged out. For example, if you enter "15" then inactive sessions will expire after 15 minutes have elapsed.
    B


    Remove access token for all sessions on logout
    : When this toggle is set to ON, users will be required to re-authenticate by logging in via the vena.io login page. When this toggle is set to OFF, SSO users can automatically log in via their Identity Provider after a session expires, while non-SSO users will still need to re-authenticate via the vena.io login page.

  5. Enter your desired number of minutes in the Token expiration duration input field.
  6. Set the Remove access token for all sessions on logout toggle to either ON or OFF.
  7. Select Save at the bottom of the page to save your changes.
    03Save.jpg

 

Note

Regardless of whether you are working on a template or in vena.io, if you are inactive for the number of minutes specified (token expiration duration), then you will be required to re-authenticate in order to continue working in vena.io.

 

Set Account Locking policies

Vena's Account Locking functionality allows you to define the scope of the locking behavior for your environment.

  1. Navigate to the Admin tab.
  2. Select the Policies page.
  3. Select the Security tab.
    setting policies 1.jpg
  4. Locate the Account Locking settings and enter the desired number for the account lockout threshold, timeframe to check failed logins and account lockout duration.
    04AccountLocking.jpg

    A

    The account lockout threshold allows the Admin to set the number of times a user may attempt to log in before their account will be locked.
    B

    The timeframe to check failed logins indicates the number of times within a certain timeframe that a user can attempt to log in before they will be locked out.

    C

    The account lockout duration indicates the duration of time (in minutes) that a user will be locked out before they can attempt to re-authenticate.

  5. Select Save at the bottom of the page to save your changes after entering the numbers in the appropriate fields.
    03Save.jpg

 

Set Template Security policies

The Template Security functionality lets Admins dictate if users are required to authenticate when their IP address changes, as well as the template timeout duration.

  1. Navigate to the Admin tab.
  2. Select the Policies page.
  3. Select the Security tab.
    setting policies 1.jpg
  4. Locate the Template Security settings, adjust the toggle and specify the desired time.
    05TemplateSecurity.jpg
    A

    Setting the toggle for Prompt for authentication when IP address changes to ON will require users to re-authenticate if their IP addresses change from the IP addresses logged when the user originally signed in. 

    For example, if a user logs in at the office, Vena records that IP address. If the user then takes their laptop home (while still signed in to Vena) and continues working, Vena will recognize a change in the IP address (work IP vs. home IP) and will require the user to re-authenticate. 

    Setting this toggle to OFF will prompt Vena to disregard any IP address changes.

    B

    The Template timeout in minutes after download allows Admins to specify how long after a template is downloaded that it will time out and require re-authentication if the user is inactive. 

  5. Select Save at the bottom of the page to save your changes.
    03Save.jpg

 

 

Was this article helpful?

1 out of 1 found this helpful