Introduction to our New Security Settings

Nothing can bring a real sense of security except true love. We do love you, for sure, but in a world of complex threats we want to, tangibly, offer you a secure service as well.

That is why we’re proudly introducing our new Security Settings!

Our conscious developers’ team has been working during the past few weeks on a series of configurable settings that will protect you more effectively against any malicious hacking and mischiefs. As the account owner, you – and only you- will now have actual control on the security of your SnapEngage account.

*The new security settings are available on premier, unlimited and enterprise accounts.


Password Rules

The security of your team’s passwords is by all means imperative for the overall security of your account. You are, now, able to choose among and combine a series of password requirements that will add up to the password complexity and increase the difficulty of password cracking.

Being safe is good but being paranoid with safety could drive your team crazy since every time you increase the requirements of your passwords all your users passwords will be expired. For your users’ sake, keep this to a minimum!

1st

Password Complexity

Your password complexity can be based on four different elements; namely  length, mIxed caSE LetTers, special characters! and user information. 

Length

Each added character in your password increases exponentially the time it would theoretically take for it to be cracked. ‘alongerpassword’ would be harder to crack than ‘password’. Thus, you can require your users to set their password using a certain number of characters.

Require letters in mix case

By requiring your users to combine both upper case and lower case characters also improves the password strength. In such a case ‘notsafepassword’ would not be accepted but a ‘safePassword’ would have to be used instead.

Require at least one special character

Can question marks strengthen your password? Yes they can!!! Exactly as exclamation marks can also do. So, require your users to include at least one special character (non-alphabetic and non-numeric) in their passwords and instead of having a ‘notsafepassword’ to create a ‘safepassword!’ or a ‘safe+password’. With so many special characters one can be quite creative 😉 .

Password cannot contain user information

If someone tries to guess your password, it is more likely than not that they will also try to get information from your users login. This is common practice for hackers because it is also a common for users to include elements from their login in their passwords in order to, more easily, remember them. That is why you should make sure that your users are not using parts of their login information in their password. Thus, if you log in your SnapEngage account with the email: name.surname@domain.com, you  would not be allowed to use neither ‘name’ nor ‘surname’ in your password.

Password Handling

Besides the password complexity per se, there are more tools at your disposal which can increase your account’s safety, the first one of them being the password originality.

Require password originality and forbid password reuse

Why prohibit password reuse? -Because of risk mitigation and human psychology.

Imagine that you become aware of a password leak in your administration. The first and easiest thing to do, would be to ask your account owner to reset all user passwords. Nevertheless, we, humans, tend to be wary of changing our passwords. Many of us would actually decide to just  set our old password as our new one again; this however, would render the safety action of resetting all passwords useless. To make sure this does not happen, you can disallow password reuse when a user renews their password.

You have the option to either not allow any password that has been used during the last 1, 6 or 12 months or any of the 5-8 most recently used passwords.

2nd

*If the two password settings get compared, we would consider the ‘x last passwords’ option more secure than ‘passwords in the last x months’.

Password expires automatically

By using this option you obligate your users to renew their password on a recurring basis (every 1,3,6 or 12 months).

Lock account after a number of failed login attempts

We are no robots and same applies for you and your colleagues. As humans, we all make mistakes and we are entitled to forgetting one of the many passwords that we are required to use in our everyday life. Many of us use multiple email accounts – personal and professional – Facebook, twitter and other social media, credit cards etc.These are many passwords and pins that we need to remember.

Nevertheless, many failed attempts to log in an account could also mean that somebody is trying to hack it. Thus, after a certain amount of failed attempts you can have an account locked which will then be unlocked again after a certain amount of time (except if specifically required to be locked permanently) or manually from the admin dashboard.


Access Rules

To, even further, protect your account, you can allow restricted access to SnapEngage based on IP addresses. You can either give specific IP addresses or use wildcards.

6th

For more details on the Access rules please click here.

Deactivate an agent’s account due to inactivity

Automatically deactivating an agent’s account if they haven’t logged in for a set amount of time is another additional safety measure that you can decide to use.

 

Whatever the settings that you decide to use are, please remember that the basic rule is to always play it safe. It might get a bit uncomfortable at some point but it can save you from a lot of trouble later.

 

 

Use Salesforce Solutions for your knowledgebase

Salesforce Solutions allows you to create articles to help answer common problems. By connecting your Solutions articles to SnapEngage you will be able to search these articles to quickly answer your customers questions from within the SnapEngage chat portal.

To set everything up please follow these steps:

Make sure that you have the Salesforce integration connected. You can check this by going to the “Integrations” tab in the admin dashboard where you should see this screen:

Screen Shot 2014-06-12 at 5.39.03 PM

Look for the green “Connected” message. If it’s present, proceed by clicking on “Knowledgebases” tab then click on the Salesforce icon. If you see a red “Not Connected” message please follow these steps.

Screen Shot 2014-06-11 at 5.45.13 PM

Next, click on the “Save” button:

Screen Shot 2014-06-11 at 5.45.19 PM

After that, create a Solution in Salesforce if you don’t have one already:

Screen Shot 2014-06-12 at 5.40.00 PM

Make sure that the Solution is set to reviewed, we will not list any drafts.

Screen Shot 2014-06-12 at 5.40.54 PM

Now, whenever you get stuck, you can search your Solutions in the chat portal knowledgebase for the answer:

Screen Shot 2014-06-12 at 5.54.35 PM

Good luck chatting!

SnapEngage Chat, Now Live in the SAP Store

We are very pleased to announce our newest integration with SAP and specifically the SAP Business ByDesign CRM. For those of you unfamiliar with SAP Business ByDesign and the SAP family of “Line of Business” applications, feel free to pop on over to the SAP Insider to learn more: “End-to-End Business Processes in the Cloud – A Tour of Today’sBusiness ByDesign” for some background that explains the solution.

Current SAP Business ByDesign customers can subscribe to SnapEngage from the SAP Store.  Configuring the integration is easily done by logging  into your account and heading right over to the Set Destination Tab, then click on the SAP logo. Once you input your credentials you will be all set to start sending your chats directly to ByDesign as well as knowing more about your visitor when they come to chat with you.

As always we love to hear from you, please leave any comments or questions below or hit us up on chat. We are super excited to be the first cloud App from Google App Engine available for licensing  on the SAP Store.