Security Policy Settings

To make your Smart Trading Cloud account resistant to cyberattacks and to strengthen the security of your data, you can set the password requirements and enable multi-factor authentication for the users of your organization account.

Password Settings

You can set the following password requirements:

  • Set the minimum password length;
  • Set the minimum number of lowercase, uppercase, special characters, and digits;
  • Define the number of password changes after which users can reuse their previous passwords;
  • Set the password expiration time to ensure that users change their passwords regularly.

Configure the password policy

  1. On the top of the User Management page ( on the left navigation bar), click Security Policies.
  2. In the Security Policies pane, on the Password Policy tab, select the check box next to the setting you want to enable and specify a value.

    3. Note By default, passwords must contain at least six characters with at least one uppercase letter, one lowercase letter, and one digit. The new policy you define must be stronger than the default one.

  3. If you want to prompt users to change their passwords immediately regardless of the password expiration settings, select Force users to change password at next logon.
  4. Click Apply.

Multi-Factor Authentication

To enhance security of your account and the data you work with in Smart Trading Cloud, enable multi-factor authentication (MFA). This will require your organization account users not only to enter their user name and password when they sign in to the Smart Trading Cloud services, but also to provide a verification code they receive on their trusted device.

Warning Edifecs do not recommend that you enforce multi-factor authentication for your account users if they work with the Smart Trading Cloud artifacts through the following on-premise Edifecs applications:
- Edifecs Application Manager
- XEServer
- XEngine
- XES Module for FHIR
- SpecBuilder

  1. On the top of the User Management page, click Security Policies.
  2. In the Security Policies pane, on the MFA Policy tab, select Enforce MFA for all users, Enforce MFA only for administrators, or Do not enforce MFA.
  3. Click Apply.

If you selected to enforce multi-factor authentication, next time you and your account users sign in to Smart Trading Cloud, you will be prompted to configure multi-factor authentication for your user accounts. If you later change the MFA policy to Do not enforce MFA, the users who have already configured MFA for their account will need to disable it manually, as switching the policy does not disable this feature.

If required, you can reset MFA credentials for the users who configured multi-factor authentication for their account.

Watch the video tutorial on how to enable and configure multi-factor authentication for your Smart Trading Cloud account users.