In the spirit of International Data Privacy Day on the 28th of January, we want to share some highlights from our webinar on the topic “Tips & Tricks: Privacy and Security”. This webinar emphasized principles of General Data Protection Regulation (GDPR), its compatibility with EyeQuestion and the best practices for a secure login. Our main priority is the protection of customer data using industry best standards. We would like to share some security tips with you that users can incorporate in their workflow to increase the security of their EyeQuestion accounts:
Two factor authentication (2FA)
It is a two-step verification process available for EyeQuestion users (not panellists). It is an extra step added to the login process. After entering the login credentials, the user will be prompte to enter a code which is sent to their email/SMS/Authenticator app. The availability of 2FA via SMS and the authenticator app depends upon your license, however 2FA by email is available for free to all our clients. 2FA adds an additional security layer to the authentication process making your accounts even more secure. If you would like to know more about this feature or enable it for your system, please contact the EyeQuestion support team.
Use a strong password and change it frequently
By default, the password requirement of a user is already quite strict in EyeQuestion. The password should for example contain upper and lower case characters, numbers, special characters, it should not contain the username and cannot be the same as your last password. Users with a User Manager or System Manager profile can adjust the password requirements. Complex passwords protect your accounts from the authorised access and to add an extra layer of security you can use 2FA. Changing your password periodically increases account security.
Remove the inactive users
If users are inactive -e.g. because they left the company – then you can delete these from the application. You can find the list of inactive users under Administration > System monitor > Inactive users. By checking regularly for inactive users and deciding if they should still be able to access the system will make sure that only relevant people have access to the system.
In order to limit access to Project folders, Locations and Archive folders a User Manager can setup restrictions. This functionality ensures only specific users have access to assigned folders. It can be really helpful if an organisation has multiple departments using EyeQuestion and want to limit the user’s access.