Time-Based Access Control

A new security feature is available for LuxSci WebMail customers. Account administrators now have the option to implement time-based access controls for their users. Administrators can restrict what times of day and what days of the week individual users are permitted to use the LuxSci web interface (for WebMail, administration, or other tasks) to increase security on the platform.

This prevents unauthorized off-hours access by employees and also by potential attackers. In a compliance context, LuxSci customers are able to apply time-of-day access controls on a user-level to further limit the attack surface and keep essential information protected.

How to Enable Time-Based Access

You must be an account administrator to enable time-based access. To edit this setting, go to the user’s account and click on “Settings.” Under “Security,” go to the “General” page and do the following steps:

• Enable the overall setting “Enable time-based access restrictions to this web interface.”
• Select the time zone to use for these times.
• For each day the user will be allowed to login to the Web Interface, enter one or two time ranges in the 24-hour time format “HH:MM-HH:MM.”
  • For example, if the user can use the system between 9am and 5pm, you would enter “09:00-17:00.” Use two time ranges if there are two distinct periods of time during the day that are acceptable.

Additional Security Features

In addition to this feature, we also recommend that LuxSci customers take advantage of our other security controls such as:

• Requiring two-factor authentication for users.
• Restricting logins to specific IP addresses or restricting logins to WebMail to be only from IP addresses in your country.
• Using custom application-specific passwords for granting controlled access to your account to specific services and programs.