Knowledge Base / Admin Console / Security Overview

Security Overview

5 min read Last updated: March 24, 2025

The Security section of the Admin Console provides administrators with robust tools to protect company data, manage authentication methods, and control access to your ActionAtlas environment. Configure comprehensive security settings to comply with your organization's security requirements.

Security Dashboard Overview

The Security Dashboard gives administrators a centralized view of current security settings and potential vulnerabilities in your ActionAtlas tenant. This hub allows quick assessment of your security posture and access to configuration tools.

Security Configuration Options

Essential security settings available in the Admin Console:

  • Password Policies - Configure complexity requirements and expiration
  • Multi-factor Authentication (MFA) - Enable and manage 2FA requirements
  • Single Sign-On (SSO) - Integrate with enterprise identity providers
Security Best Practices

Recommended configurations for optimal security:

  • Enforce strong password requirements
  • Require MFA for all administrative accounts
  • Implement SSO with your corporate IdP

Password Settings

Configure password requirements that align with your organization's security policies to ensure strong authentication for all users.

Available Password Policy Settings:
  • Minimum Length - Set the required number of characters (8-64)
  • Character Requirements - Enforce uppercase, lowercase, numeric, or special characters
  • Password Expiration - Set how frequently passwords must be changed
  • Password History - Prevent reuse of previous passwords
  • Account Lockout - Configure failed attempt thresholds and lockout duration

Note: Enterprise customers can sync password policies from their identity provider when using SSO integration, overriding local settings.

Multi-factor Authentication (MFA)

Multi-factor Authentication adds an additional layer of security by requiring users to verify their identity using a second factor beyond just a password. ActionAtlas supports multiple authentication methods to accommodate your security needs.

MFA Configuration Options:
Authentication Methods
  • Mobile Authenticator Apps - Google Authenticator, Microsoft Authenticator, etc.
  • SMS Verification - One-time codes sent via text message
  • Email Verification - One-time codes sent to verified email addresses
  • Hardware Security Keys - FIDO2/WebAuthn compatible devices (Enterprise plans only)

Best Practice: Enable MFA for all administrator accounts and consider requiring it for all users, especially those who access sensitive data.

Single Sign-On (SSO)

Single Sign-On allows users to authenticate once with their corporate credentials and gain access to ActionAtlas without requiring a separate login. This improves security by centralizing authentication and leveraging your existing identity infrastructure.

Supported Identity Providers:
  • Microsoft Azure AD / Entra ID - Integration with Microsoft's identity platform
  • Google Workspace - Authentication using Google accounts
  • Okta - Enterprise identity management
  • Auth0 - Flexible authentication service
  • SAML 2.0 - Standard protocol supported by many identity providers
  • OpenID Connect - OAuth 2.0 based authentication
SSO Implementation Steps:
  1. Select your identity provider from the supported options
  2. Configure the connection details (endpoints, certificates, client IDs)
  3. Map identity provider attributes to ActionAtlas user properties
  4. Test the SSO connection
  5. Deploy to all users with optional grace period

Note: SSO functionality is available on Business and Enterprise plans. Enterprise plans include advanced features like JIT (Just-in-Time) provisioning and custom attribute mapping.

Security Best Practices

Follow these recommended practices to maintain a secure ActionAtlas environment:

Authentication Recommendations
  • Enforce complex passwords (12+ characters)
  • Enable MFA for all administrative accounts
  • Implement SSO with your corporate identity provider
  • Set appropriate password expiration policies
  • Configure account lockout after failed attempts
Access Control Recommendations
  • Apply principle of least privilege for all roles
  • Regularly audit user permissions and access
  • Set appropriate session timeout durations
  • Monitor and review security logs
  • Establish offboarding procedures for departing users

Need Help?

Our security specialists are available to assist with questions about configuring security settings for your organization.

Contact Support