Additional Domain-Level Security Settings Now Available
LuxSci has updated its per-domain administrative controls, adding features that were previously only present in the global, account-wide configuration area.
Now, the following security and privacy features can be configured on a per-domain basis, unless they are already set up globally:
- Password strength requirements for users in the domain
- Web interface session idle timeouts
- Forced security for WebAide published feeds
- Maximal Security: A “one-button” method for enabling all of the highest security settings on a domain
- Security Audit: A simple report showing what all of the security settings are on a domain and providing recommendations for improving security.
- Optional Forced use of SecureLine Encryption for messages sent from WebMail and/or SMTP.
- Configuration of TLS-Only email sending options. I.e. should TLS be considered a valid method of secure email delivery for your domain? If so, is that for all TLS-supporting recipients or only certain ones?
- Restricting of email forwarding to only recipients whose email servers support TLS for secure email delivery.
Additionally, the account-wide “Maximal Security” setting has a new “Good Security” setting which enables and can enforce all of the Maximal Security options, except for forced encryption of all outbound email. Using “Good Security” on an account-wide basis and “Maximal Security” on a domain-by-domain basis allows account holders to have very good overall email security for all users and to restrict only some users to sending all outbound email securely. This is how LuxSci’s “per-domain HIPAA compliance” accounts work.