Managing Security in D4Web

Managing Security in D4Web

Quote
2FA, passwords, trusted devises, restrictions, activity monitoring & login/out automation all ensure each organisation can manage its own security needs within D4Web.

Where to find the Security page

Click the navigation menu > Location Setup > Security page

2FA & password reset

The 2 Factor Authentication (2FA) sends a code via E-mail once the user logs in with their username/password.  This code has an expiry time (eg: 90secs). 
AlertEnsure emailing is setup and working correctly in D4Web before using this feature. Contact support if help is required. 
  1. Select the 2FA & password reset tab
    1. Click radio button to view the list of users by Company, Locations, Groups or Users
    2. Tick box to Enable 2FA
    3. Tick box to Allow user to reset password via Email and / or SMS

  2. Click PRINT to printout a user detail list
  3. Enter text to search for a login name
  4. Column details:
    1. Login: Login/ User name
    2. Location: Practice Location name
    3. 2FA Status: Turn Off or On
    4. Code Sending Method: E-mail
    5. Code Expiry time: How many seconds before the code sent expires
    6. 2FA Validity period, (0-9999) days: If the 2FA is valid for a period of days
    7. E-mail: Enter E-mail address if not already present (uses the email address from Provider / Staff pages by default) as this method is used for code sending
    8. Mobile: The users mobile number
  5. Click into fields to change the information

  6. For those Users who have 2FA Status = On selected, will get this verification code window at next D4Web logon

IP Restrictions

Allow or block access to selected User & Password login from selected IP addresses & or from a selected database
  1. Select the IP Restrictions tab
  2. Click radio button to:
    1. Disable IP verification
    2. Block specific IP(s)
    3. Allow specific IP(s)
  3. Click ADD to add a new IP address to the list
  4. Click DELETE to delete an IP address 
  5. Click PRINT for a printout of all IP addresses in the list

Trusted Devices

A Trusted Device is a device that will not pass IP-address verification, which will allow a specific user to log in even from a forbidden IP.
  1. Select the Trusted Devices tab
    1. Computer name: Select the computer name from the list
    2. Login: Select the login name from the list
    3. Trusted: Mark the tick box once Computer name & Login have been entered. Unmark if/when this is no longer a trusted device
    4. IP Address (last login): The IP address used
    5. Notes (last Login): The Notes column refers to in-depth computer information
  2. Click ADD to add a new computer name to the list
  3. Click DELETE to delete from list 
  4. Click PRINT for a printout

Days/Time Restrictions

Restrict the DAYS and/or TIMES of connections allowed, e.g. User 1 allowed to connect Mon, Tue, 9AM to 6PM. 
  1. Select the Days/Time Restrictions tab
    1. Click radio button to view the list of users by Company, Locations, Groups or all Users
    2. Tick box to Enable Days/Time Restrictions (we recommend you wait to do this until after the times have been set)
  2. Click PRINT to printout a restrictions list
  3. Enter text to search for a login name
  4.  Select the From or To fields to select the times using up/down arrows (24hr time)

Notes
Times Display is set as 24hr 
Time Zone is set as per local computer 

Users Activity Monitor

Monitor the activity of each user 
  1. Users Activity Monitor tab
    1. Tick Show only active sessions box to show only logged in users
    2. Click REFRESH to update the current list status
    3. Click PRINT to printout Activity list
  2. Forced logout: Where there is an Active Activity, user can click LOG OUT to force logout

Auto Logout

If a user does not show an activity for the designated time, D4Web automatically log that user out. 
  1. Select the Auto Logout tab
    1. Click radio button to view the list of users by Company, Locations, Groups or all Users
    2. Tick box to Enable Auto Logout
  2. Click PRINT to printout a user logout detail list
  3. Enter text to search for a login name
  4. Login: User login name
  5. Location: Practice location
  6. Auto Logout delay time: Select the time from OFF to 8hours from the drop list
Info

Links to other Security topics

  1. Setup Security

  2. Prior Period locks

  3. Audit trails


    • Related Articles

    • Managing eForms

      Listed below is how to create a new eForm, edit, delete and deactivate an eForm, add a hyperlink to a form and how to deactivate a form. Managing eForms eServices Portal Create a New eForm The below instructions cover each of the options available ...

    • Managing SMS Replies in Dental4Windows

      Managing replies from appointment reminders, and SMS's sent from Queries, Recalls and Patient details. Managing Replies from Appt Reminders When an SMS is sent from the Appointments and the Patient replies, the replies can be found in SMS Manager. ...

    • Dental4Web & its Security, Protection & Compliance

      At Centaur, we prioritise the security of the information we manage, ensuring the highest level of protection for our web-based databases and cloud environments. Our approach is based on industry standards and incorporates multiple layers of security ...

    • SMS Manager: Managing SMS Replies in D4Web

      The SMS Manager page holds all SMS replies from Appt reminders, Appt notifications, Patient records, Recalls & Queries. Where to find SMS Manager page Click the navigation menu > Management > SMS Manager page Managing SMS Replies... Sent from Appt ...

    • Setup Security Features in Dental4Windows

      Below are instructions on understanding the security tab, setup security on modules/tabs/actions, setup who can or cant access or complete an action, add or modify security groups, setup supergroups, setup aliases or remove a provider from alias's, ...