Engage Digital | Configuring security settings

Security settings allow you to configure settings related to your general security, user password settings, and content security policy. You can navigate to Security under Settings in the left-hand navigation bar.

Configuring general security settings

You can manage the following general security settings:
  • Disable browser notifications: Disables browser notifications from the platform
  • Deny iframe integration: Prevents iframe pages from being rendered
  • Export to staging: Enables daily pre-production data export from the platform
  • Disable third-party services (tracking ...): Deactivates tracking in the platform such as email tracking, and features such as spell check, video player, and png statistics export. No more data will be sent to optional third parties
  • Session timeout: Sets the time in minutes when a session times out. Once the timeout occurs, you will have to log in again

Configuring user password settings

You can manage the following user password settings:
  • Enable password expiration: Enables passwords to expire
  • Password expiration delay: Allows you to set up an expiration delay for a password. You can use minutes (m), hours (h), days (d) and months (mo)
  • Prohibit reusing old passwords: Prevents users from using old passwords when changing their password
  • Number of old passwords: Defines how many old passwords a user cannot use when changing their password
  • Minimum character length: Specifies the minimum length of a password
  • Should contain at least 1 uppercase and 1 lowercase character: Requires that the password contain at least one uppercase and one lowercase character
  • Should contain at least 1 number: Requires that the password contain at least one number
  • Should contain at least 1 non-alphanumeric character: Requires that the password contain at least one special character
  • Disable password autocomplete: Disables the password auto-complete function
  • Disable password recovery by email: Disables password recovery by email

Configuring content security policy settings

A Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including cross-site scripting and data injection attacks. A policy may enforce a stricter execution mode for JavaScript in order to prevent certain cross-site scripting attacks.
You can manage the following CSP settings:
  • Enable Content Security Policy Header: Enables the use of a CSP header to allow the web site administrator to control the resources that may be loaded for a given web page.
    When a header is used in a server response, a compliant client will enforce a declarative whitelist policy
  • Enable test mode (Report-Only): Enables the deployment of CSP in a report-only mode. The policy will not be enforced, but any violations will be reported. This option can be used to test a policy revision without actually deploying it
  • Whitelist: Specifies a list of permitted web content sources
© 1999-2022 RingCentral, Inc. All rights reserved.
We've sent you a link, please check your phone!
Please allow a full minute between phone number submissions.
There was an issue with SMS sending. Please try again. If the issue persists, please contact support.