The Security Management section of PensionPro's Maintenance settings provides the means to control security-related options for Employee accounts. Employees can be given Security Rights to access PensionPro's various features, or assigned to a Security Role to quickly apply the necessary Rights. Additionally, Multi-Factor Authentication preferences can be managed for each Employee.
To access Security Management, select Maintenance > Preferences > Security Management.
Tier Availability: Business
Security Rights Required: Maintenance, Security Management
Security Rights & Security Roles
Many of PensionPro's functions and records require an Employee to possess the proper authorization(s) before they can be used or edited. These authorizations are called Security Rights. Security Rights can be assigned to an Employee one-by-one as needed, and there is no limit to how many or how few Rights an Employee can possess.
Alternately, an Employee can be assigned a Security Role. Put simply, a Security Role represents a customizable selection of Security Rights that can be easily applied to one or multiple Employees, removing the need to micromanage the Security Rights of each individual user.
Security Management provides the means to establish Security Roles and assign them—or, if preferred, assign individual Security Rights—to each Employee. These settings are covered more thoroughly in the article Security Rights & Security Roles.
Multi-Factor Authentication (MFA) is used to add an additional layer of security to the login process. When enabled, in addition to their username and password, a user will have to provide a code that is sent to them via text message or email.
Within Security Management, Multi-Factor authentication can be enabled or disabled for each Employee, and an Employee's MFA preferences can be reset if necessary. For full instructions on utilizing MFA, refer to the article Multi-Factor Authentication.
The following articles cover additional security-related features that are managed elsewhere in PensionPro:
- IP Address Whitelisting
- Single Sign-On (SSO) Authentication
- Authorized Computer Management
- Failed Logins & Account Lockout