Client Security Guide



Similar documents
Welcome (slide 1) Welcome to the Florida Department of Education Single Sign-On tutorial for federated user login and navigation.

Central Desktop Enterprise Edition (Security Pack)

Step 1. Step 2. Open your browser and go to and you will be presented a logon screen show below.

Parental Control Setup Guide

NATIONAL CYBER SECURITY AWARENESS MONTH

Secure Global Desktop (SGD)

Egnyte Single Sign-On (SSO) Installation for OneLogin

Single Sign-on Frequently Asked Questions

IIS, FTP Server and Windows

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Coillte IT has recently upgraded the Remote Access Solution to a new platform.

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover

EMR Link Server Interface Installation

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Protecting your business from fraud

Business ebanking Fraud Prevention Best Practices

SonicWALL Security Quick Start Guide. Version 4.6

Stoneware Inc. Hyland Software OnBase. Stoneware, Inc.

Security Tips You are here: Home» Security Tips

Multi-Factor Authentication (FMA) A new security feature for Home Banking. Frequently Asked Questions 8/17/2006

Getting Started with AD/LDAP SSO

Online Banking Fraud Prevention Recommendations and Best Practices

Dial-up Installation for CWOPA Users (Windows Operating System)

User Guide Microsoft Exchange Remote Test Instructions

OneLogin Integration User Guide

Guide to Configuring the UHU Wireless Network for Windows Vista

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

To set up Egnyte so employees can log in using SSO, follow the steps below to configure VMware Horizon and Egnyte to work with each other.

Internet Banking. Business Call Account. Keeping things simple. That s what we do.

Recognizing Spam. IT Computer Technical Support Newsletter

NeoMail Guide. Neotel (Pty) Ltd

ResNet Connection for Windows 8

& INTERNET FRAUD

How to Access Coast Wi-Fi

Verizon Enterprise Center Overview CALNET 3 User Guide

Central Administration User Guide

Using Remote Desktop with No-IP

Defense Media Activity Guide To Keeping Your Social Media Accounts Secure

Connecting to Remote Desktop Windows Users

Automatic Setup... 1 Manual Setup... 2 Installing the Wireless Certificates... 18

Junos Pulse VPN Client Installation

Virtual Cabinet Document Portal User Guide

Virtual Code Authentication User s Guide. June 25, 2015

InfoRouter LDAP Authentication Web Service documentation for inforouter Versions 7.5.x & 8.x

TRIPwire HSIN Federation:

SchoolBooking SSO Integration Guide

FileCloud Security FAQ

Remote Desktop Administration

Livezilla How to Install on Shared Hosting By: Jon Manning

How do I use Citrix Staff Remote Desktop

Your Archiving Service

Internet Banking. Keeping things simple. That s what we do.

FILTERING FAQ

SMS Identity Confirmation. Enablement Plan for System Administrators February 2013

eprism Security Suite

Malware & Botnets. Botnets

Copyright

Setting up Remote Desktop

Remote Desktop access via Faculty Terminal Server Using Internet Explorer (versions 5.x-7.x)

Security Implementation Guide

Folder Proxy + OWA + ECP/EAC Guide. Version 2.0 April 2016

Identity & Access Management in the Cloud: Fewer passwords, more productivity

How To Use Salesforce Identity Features

Google Identity Services for work

RemotelyAnywhere Getting Started Guide

Reliance Bank Fraud Prevention Best Practices

Enhanced Security for Online Banking

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

Egnyte Single Sign-On (SSO) Installation for Okta

Cyber Security: Software Security and Hard Drive Encryption

NetBeat NAC Version 9.2 Build 4 Release Notes

FFIEC CONSUMER GUIDANCE

Accessing TP SSL VPN

Quick Instructions Installing on a VPS (Virtual Private Server)

User Guide. Version R91. English

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Security Provider Integration Kerberos Authentication

Creating Custom Nameservers Contents

Kaseya Server Instal ation User Guide June 6, 2008

User Guide for eduroam

How To Set Up Chime For A Coworker On Windows (Windows) With A Windows 7 (Windows 7) On A Windows 8.1 (Windows 8) With An Ipad (Windows).Net (Windows Xp

User Management Tool 1.5

SCADA Security. Enabling Integrated Windows Authentication For CitectSCADA Web Client. Applies To: CitectSCADA 6.xx and 7.xx VijeoCitect 6.xx and 7.

Quarantined Messages 5 What are quarantined messages? 5 What username and password do I use to access my quarantined messages? 5

Basic, Professional & Professional Box

VERALAB LDAP Configuration Guide

eprism Security Suite

2-FACTOR AUTHENTICATION WITH

Flexible Identity Federation

Secure Messaging Service

Configuring a Windows 2003 Server for IAS

ResNet Guide. Information & Learning Services. Here to support your study and research

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

Defender Token Deployment System Quick Start Guide

Integration Guide. Swivel Secure Authentication

Law School Computing Services User Memo

Alert Notification of Critical Results (ANCR) Public Domain Deployment Instructions

CC File Transfer. User Manual

Virtual Code Authentication User Guide for Administrators

Transcription:

Client Security Guide NEXT GENERATION CLOUD-SECURITY www.exacttarget.com

NEXT GENERATION CLOUD-SECURITY Companies across the globe are facing continuously evolving threats focused on obtaining an individual s login credentials in order to gain access to sensitive data. As part of our aggressive, multi-layered approach to protect client data, we are introducing our next generation cloud-security solutions named Protected by ExactTarget. Built upon our certified enterprise security capabilities, infrastructure, system access controls, real-time system monitoring, and active preventative technologies, Protected by ExactTarget is focused on three key areas: Infrastructure and data center security Security education for employees, clients, and partners Innovation to deliver the next generation of cloud-based security Our next generation cloud-security solutions add to our intuitive technologies to further protect client data. These include limiting access to the ExactTarget system using Two-Factor Authentication, restricting how data can be exported, continuing proactive behavior monitoring and alerting that detects suspicious user activity, and adding a series of advanced enterprise security solutions. At ExactTarget, the security of your data remains a top priority. Read on to learn more. What's Inside? 3 next generation cloud-security 4 recommended next steps 5 TWO-FACTOR AUTHENTICATION 6 The importance of individual user accounts 7 data export controls 8 Additional security Controls 9 Be vigilant against phishing attempts 10 faqs 2 www.exacttarget.com

Next generation cloud-security Now available within your account We re cooperatively working with clients to implement a set of next generation cloud-security solutions. This includes limiting access to the ExactTarget application using Two-Factor Authentication (similar to how financial institutions restrict access to online banking tools), as well as limiting how data can be exported from the ExactTarget application. Q1 2011 WATCHDOG BEHAVIOR MONITORING by ExactTarget Security Team (pg. 8) AVAILABLE NOW TWO-FACTOR AUTHENTICATION (pg. 5) DATA EXPORT CONTROLS (pg.7) LOGIN IP WHITELISTING (pg.8) COMING SOON ENTERPRISE SINGLE SIGN-ON Available (pg. 8) COMING SOON WATCHDOG available in the Interactive Marketing Hub (pg.8) WANT MORE INFORMATION BEFORE IMPLEMENTING these CONTROLS? In addition to the information available in this Client Security Guide, you may also access several security tutorials in 3Sixty or attend one of our upcoming security webinars. 3 www.exacttarget.com

Recommended next steps: To prepare for Two-factor Authentication pg.5 Visit the Administration panel in the ExactTarget Application to configure settings for Identity Validation. Setup > Administration > Security Settings > Identity Validation Make sure each ExactTarget user within your organization is not sharing a login. Make sure each user has a valid email address. Alert your users about the new login experience. To prepare for Data Export Controls pg. 7 Visit the Administration panel in the ExactTarget Application to configure settings for Data Export Controls. Setup > Administration > Security Settings > Data Export Controls Enter your approved list of email addresses and email domains that can receive data exports from the ExactTarget system. Turn on Data Export Controls. Consider implementing optional Login IP Whitelisting, which enables your users to bypass the Identity Validation process when coming from approved IP addresses. Turn on Identity Validation and/or Login IP Whitelisting. 4 www.exacttarget.com

TWO-FACTOR AUTHENTICATION Identity Validation Two-Factor Authentication is a way to prevent unauthorized access to the ExactTarget application by requiring more than a username and password at login (similar to how you might access an online banking account). HOW THIS IMPACTS YOU When logging into the ExactTarget application, users will be prompted to activate their machine by entering an activation code sent to the email address associated with the user s account. All users must have a valid email address associated with their account. 5 www.exacttarget.com

THE IMPORTANCE OF INDIVIDUAL USER ACCOUNTS ExactTarget s Watchdog behavior monitoring system will begin treating shared user activity as suspicious since this is a common pattern of behavior when credentials have been compromised. Criminals are using advanced threats to target individuals in an attempt to compromise an individual s login credentials and gain access to further sensitive information. ExactTarget is putting a set of next generation cloud-security solutions in place to protect against this targeted threat, as well as increasing the level of scrutiny on user behavior to recognize common threat patterns that occur when an individual user s credentials have been compromised. Strong security practices are built on the premise that each individual uses their own login to access the ExactTarget system. The identity validation process requires that each user is an individual and is able to confirm their identity when logging into the application for the first time. Therefore, the implementation of these additional security controls means that shared user logins will no longer function normally. WHAT YOU NEED TO DO Prepare your team for Two-Factor Authentication by ensuring all ExactTarget users within your organization are not sharing a login and have a valid email address. 6 www.exacttarget.com

DATA EXPORT CONTROLS Data Export Controls provide increased protection against unauthorized data access by limiting how data can be exported from the ExactTarget application. This gives administrators control of the email addresses that are acceptable for receiving data exports. HOW THIS IMPACTS YOU When exporting data to an email address, users will only be able to export data to an email address that is whitelisted. Administrators will be able to set up an approved list of emails within the administration panel. 7 www.exacttarget.com

ADDITIONAL SECURITY CONTROLS Identity Validation and Data Export Controls are only part of ExactTarget s next generation cloud-security solutions. You may also implement controls to limit system access by IP address, use additional enterprise security controls, and access our real-time administrative monitoring and alerting technology, Watchdog, via the Interactive Marketing Hub. TWO-FACTOR AUTHENTICATION DATA EXPORT CONTROLS LOGIN IP WHITELISTING WATCHDOG MONITORING AND ALERTS ADVANCED SECURITY SOLUTIONS (Single Sign-on) Login IP Whitelisting: IP Whitelisting enables you to only allow approved computer and network addresses to access the ExactTarget application. (Available now.) Watchdog: Watchdog is ExactTarget s proactive behavior-monitoring system and detects threat patterns and suspicious activity that could potentially lead to unauthorized access to ExactTarget accounts. Enterprise Single Sign-On: ExactTarget s SAML 2.0 Support enables enterprises to setup ExactTarget as a service provider within a federated identity solution. 8 www.exacttarget.com

BE VIGILANT Against PHISHING ATTEMPTS remember: ExactTarget will NEVER ask you for your username and password or other sensitive information outside the application. In order to set up these new security controls, you will always be required to log in to your account directly. We will not ask you to provide any information outside of the ExactTarget application. Make sure users remain aware. NEVER click on links in suspicious emails, Facebook posts, or Tweets even if they seem legitimate. 1 4 2 3 NEVER download or open files unless you are 100% sure they re safe to open. NEVER share your passwords with anyone ever. 5 NEVER provide sensitive information like passwords or account numbers to others unless you visit a trusted website by typing the web address into the browser yourself. ALWAYS keep your web browser and antivirus software up-to-date. 9 www.exacttarget.com

FREQUENTLY ASKED QUESTIONS What is Two-Factor Authentication? Two-Factor Authentication is a way to prevent unauthorized access to systems by requiring more than a username and password at login (similar to how you might access your online banking account). What is Identity Validation? Identity Validation requires users to verify who they are by entering an activation code sent to their email address, which activates their machine and enables them to continue the login process. What are Data Export Controls? Data Export Controls provide clients increased protection against unauthorized data access. The Email Whitelisting feature ensures exported data is sent only to approved email addresses. What is Login IP Whitelisting? Login IP Whitelisting enables clients to only allow approved computer and network addresses to access the ExactTarget application. 10 www.exacttarget.com

www.exacttarget.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information