One of Lua's highest priorities is providing real-time messaging complemented by the robust information security that enterprises demand. We want to empower your business to share information in real time while making sure it does so securely and compliantly, so we've updated Lua with some exciting new security features.
So, what’s new? We’ve added new app-level security features that Admins and end users can now take advantage of for added protection.
Password Expiration Feature (for Admins)
Administrators now have the ability to set expiration schedules for users based on their network. These settings are available in the Admin Console, under Network Settings.
Setting a Password Expiration Schedule
An admin may change the expiration schedule to Never, 90 or 180 days (the default is Never). The exact expiration dates are set individually, based on the last time each user changed their password. In addition, an admin will have the ability to force an immediate reset for all users in that network. Because many users belong to more than one Lua network, there are some rules to standardize the password expiration process for these users.
Highlights of the password expiration process for users in multiple networks:
1. Users that belong to more than one Lua network will automatically be set to the expiration schedule of the first network they are assigned to.
2. Users who have an expiration set will not be changed when added to another network.
3. Only accepted members have expiration dates set. Users with pending, not invited and deactivated member status are not part of the expiration schedule until they are an accepted member of the network.
*Best practice tip: set all networks belonging to the same organization with the same expiration dates.
Password Expiration Management
Starting a week before a user’s password is set to expire, they will receive an email notifying them of the date. If the user does not reset their password before the expiration date, then at the time of the expiration (or the next time they log into the app) they will be presented with a password reset screen.
For client password expirations, users will have three options to choose from: ‘reset password’, ‘logout’, or ‘forgot password’. If the user chooses to reset the password, they can reset it immediately and continue using the app without getting logged out.
A New Compliance Mode
There is a new option for networks to be set to ‘Compliance Mode’. With a Lua network in this setting, end users will benefit from three new security compliance features:
Passcodes are a 4-digit app-level access code (aka PIN) that a user must set when at least one network they are in is set to Compliance Mode. If a user’s network is in this mode, they will be required to set a passcode the first time they log into the app. The passcode will remain active until the user either logs out of Lua, or has the app open and inactive for 15 minutes. If the user chooses to log out of the app, they will be instructed to reset their passcode the next time they log in.
It is important to note that any Lua user can choose to add a passcode to their Lua app even if they are not in a Compliance network. The difference is that users who are not part of a Compliance network have the option to remove their passcode whenever they would like.
*Best practice tip: set all networks belonging to the same organization with the same Compliance Mode settings to avoid confusion.
When a member that belongs to a Compliance network receives a Lua notification, the notification will not display the body of the message on the locked screen or in the notification list; it will only show who has sent a message. On iOS devices, however, if the notification arrives while the user is in the Lua app, the full notification will be displayed.
Locked User Settings
If a user is part of at least one network that is in Compliance Mode, they will not be able to change any of their User Settings (name, email, phone number and avatar).