Advanced Security Options
We know that the security of your data is crucial to you, and it’s our top priority. Workzone exercises great care to secure your company’s confidential information. Workzone uses multi-layered security to protect your data, and we are continuously engaged in examining and updating security as we update our service.
All data transmissions are protected via 256-bit financial-grade encryption. The lock icon in the browser indicates that your data is fully secure while in transit over the internet.
Each Workzone user must log in with his/her email address and a strong password. When you enter your password to log into Workzone, your password is encrypted as it travels across the internet, so it cannot be intercepted.
-
Session Timeout
If a user who is logged into Workzone does not click any link or access any new resources from the server for 60 minutes or one week (depending on your site’s setting), the user’s session will time out and the user will be logged out of the system.
(Note: To change this interval, as an Administrator, go to the Automatic logout interval page under Global Settings on the Settings page for all workspaces. Access to the one-week logout time interval requires that you have not disabled user-specific cookies under the “Other Features” section on the Features to Display page. Additionally, only users that have checked the “Remember me” box on the log in page will have access to the extended 1 week logout interval.)
For those organizations that require enhanced security measures to make unauthorized access of Workzone even more difficult, there are a number of additional security features within Workzone that may be enabled. These features are not enabled by default because they make Workzone more difficult/inconvenient to access by the authorized user.
These settings are specified on the “Features to display” page, under the Global Settings section under Settings for ALL WORKSPACES. Scroll down to the Other Features section. Only Administrators can set these defaults for your organization.
Click the check boxes next to the optional features, listed with bold text below, that you would like to enable. These settings apply to all workspaces and cannot be overridden at the workspace level.
-
Expiring User IDs
When this security feature is enabled, if a user has not logged in to WorkZone within the past 30 days, the user account will be disabled, preventing log in. An Administrator or a Manager with access to the account (in the case of Reviewer or Partner users) will then be able to reactivate the account by editing the user under Settings.
-
Expiring Passwords
This feature requires that each user change his/her password every 90 days. When a user logs in after 90 days have passed since the password was last changed, the user will be taken to a screen to change his/her password.
-
Disable User-Specific Cookies
When this feature is enabled, Workzone will not employ user-specific cookies to save login and password information for the user. The user will need to log in manually each time he/she accesses Workzone, whether logging in from the log-in page or when clicking on a Workzone link sent by a Workzone user. Links will still take the user to the appropriate location once the user has logged in. When this feature is enabled, the login page will not include the “Remember me” checkbox or the “Forgot password” link.