Security Configuration
This configuration addresses a client organization's business requirements for data protection, that is, if the client has extremely sensitive data, and they wish to enact additional authentication measures to protect that data. Clients can also use this security configuration to fulfill specific policies around data protection, or protection of user credentials. The level of security must fit the client's need.
The 2-step verification requires a user to enter a telephone (or mobile) number the first time that they log in (or after the functionality is enabled). The application registers the user contact information and contact method (SMS or telephone call). If a user needs to re-register, or is locked out of their account, you can manage their individual settings directly in their account information, as shown here:
The authentication window can also be configure to not require a user to repeat the 2-step login process during a specified time frame (in number of hours). In addition to the authentication window, you can configure the views that require this authentication type. For more information about setting up this security protocol, see Modify the 2-Step Verification Settings.
Data encryption in the database is also available as a security feature. You can configure the system to use a client-controlled encryption key. See Bring Your Own Key Encryption.