Product Update: November 2023

As we continue to prioritize product security, we're excited to share a security-focused update.

This month, we've added a set of new and robust features with a focus on control and customization—making it easier than ever to adjust various settings to match your security preferences and needs.

Watch the video to learn what this means for you

Enhancing Your Security with Multi-Factor Authentication

Here are the key benefits you can expect:

1. Greater Security: MFA adds an extra layer of protection to your Balance account by requiring multiple forms of verification before granting access. This significantly reduces the risk of unauthorized access and fortifies your account against various security threats.  

2. Seamless User Experience: We understand that security measures should not compromise usability. Our MFA implementation has been designed with a focus on providing a seamless and user-friendly experience. Once set up, the authentication process will seamlessly integrate into your regular login routine.

3. Admin Controls for Organizations: With granular control over MFA settings, you can ensure a consistent and secure authentication process for all team members. As an admin, you can choose to enforce MFA for all users, or selectively exempt Single Sign-on (SSO) users. 

4. Flexibility in Authentication Methods: Choose from a variety of authentication methods to suit your preferences and security needs. Whether it's through SMS or authenticator apps, select the method that aligns best with your workflow.

How to Enable MFA:

Enabling MFA for your account is a simple and straightforward process. Head to your account settings, navigate to the security section, and follow the prompts to set up your preferred authentication method(s).

If you encounter any issues or have questions regarding Multi-Factor Authentication, reach out to your account manager, and we'll be happy to guide you through the process.

In addition to MFA, below are the additional security enhancements now available:

Enterprise Login Capabilities

Balance now provides SSO, allowing users to sign in using their existing credentials. This eliminates the need to create a new username and password for the dashboard, enabling safe access with just a single click. 

Session Management

These features let you view and configure various session factors such as their duration or how many active sessions a user can have. You can even revoke all sessions of a specific user.

1. User Lockout: Safeguard against Brute Force attacks by specifying the allowable number of login attempts, thwarting malicious attempts to gain unauthorized access.

2. Password History Policy: Optimize password security with a history policy. Specify the number of passwords per user to remember, reinforcing protection against unauthorized access.

3. Idle Session Timeout: Control the duration of inactive user sessions, automatically terminating them for heightened security.

4. Force Re-login: Decide whether users should log in again when their session reaches the time limit, adding an extra layer of security.

5. Maximum Concurrent Sessions: Manage the number of simultaneous user sessions, preventing misuse and enhancing control over account access.

IP & Domain Restrictions

Balance now provides multiple ways to finely control user access. This allows you to manage access to different dashboard capabilities based on their location or domain.

1. IP Allow/Deny: Specify the exact IP addresses you want to permit or restrict, providing precise control over who can access your account. 

2. Approved Email Domains: Enable or disable the invitation of users with approved email domains, ensuring only trusted entities join your account.

Important note: Only admin users will have access to these features. Specifically for MFA, the default setting will be "Don't Force" initially.

After two weeks, Balance will enforce MFA. This means admin users won't have the option to disable MFA. If there's a unique need to disable it, feel free to contact the Balance team for assistance.

Product Spotlight

The Balance Roles and Permissions capability allows you to assign specific permissions to each of your team members, control the actions that can be performed, minimize risk, and improve overall security. 

Users of the Balance dashboard have four role-based permission levels: Admin, viewer, vendor specialist, and support specialist. It is possible for a user to have multiple roles and therefore, will have the combined permissions of each role to which they are assigned. In addition, unsupported actions will be hidden if a user does not have permission to perform them. 

You can read more about roles and permissions here.