The password and security settings available within Eploy are unique to each of the five main user types - Candidates, Standard Users, Hiring Managers, Employees and Vendors.
To amend the security settings for each user type click on Admin > System/Security Settings then select the appropriate user type from the list.
Several of the settings are common to all user types, but there are some differences.
Within Eploy we have included a lot of help-text, explaining what each settings means. As a result, this article will focus on those settings which might need a bit more thinking about when configuring
Candidates
First, configure the Password Policy. From here you can specify the minimum length of the password, whether is should be Strong or Very Strong, whether password history should be enforced (preventing the candidate from reusing old passwords) and how frequently a password should be changed. You'll also have settings controlling whether the browsers auto-complete functionality will work and whether the candidate can request a Password Reset.
The lockout policy is where you'll define how many incorrect attempts a Candidate has at logging in before a CAPTCHA is displayed, and the duration of this lockout policy.
Within the Registration section, indicate if you'd like to include a reCAPTCHA on registration, whether you'd like candidates to validate their emails on registration and whether you'd like to use the Email Already Exists process.
π Note if you're going to use the Validate Emails and Email Already Exists process, you'll need to ensure appropriate Portal Notifications have been added into your system. This is also something you can do during this phase of Implementation.
Finally, you can allow the use of social logins - permitting Candidates to log in to their profile using LinkedIn, Facebook or Google accounts.
Standard Users
Standard Users have access to the Core System, potentially giving them access to all your recruitment data. Consequently, there are lots of security options to consider here.
The Password, Lockout and Social Login settings here work the same way as for Candidates.
Additional settings include:
Email Contacting Preferences
This allows you to specify whether a core user can send an email from any email address or if there should be a specific alternate address available to them.
Corporate Single Sign On
Also known as SSO, this is a feature which allows you to control access to the system by linking a user account to a corporate login mechanism e.g. Office 365, Google, Okta, OneLogin, etc. Before we talk about settings, please remember that there may be a cost associated with using SSO, and as a result it won't be available in all systems as a default. If SSO isn't in your system and you'd like to use it, please have a chat with your Implementation Manager about using it.
If it is included, you'll need to select your SSO provider within Eploy then enter the Entity ID and Name and provide the SSO Service URL. You'll also be able to Force SSO, which means these users will only be able to access Eploy using SSO - there will be no Username/Password options available on the login page. Finally, upload the relevant SSO certificate.
On top of this, additional configuration will be needed within your SSO environment. In all likelihood this will need to be done by your IT team. A detailed guide is available, providing information on what steps need to be followed for each SSO provider - please ask your Implementation Manager for a copy.
Corporate Calendar Sharing
These settings allow you to link your Office 365 and Google calendars with your Eploy system. As with SSO, you'll likely need your IT Team's help with this as there is additional configuration needed within the Office 365 and Google admin systems. For full instructions on configuring Corporate Calendar Sharing, please see this section of our Knowledge base - https://support.eploy.co.uk/hc/en-gb/sections/4434939599005-Calendar-Integrations. Once linked you'll be able to set standard sharing options for Availability, limited details and full details.
Online Meetings
This section only applies if you use Zoom rather than MS Teams for online meetings.
If you use Zoom, this can be linked in this section - as with SSO and Calendar sharing, you may need the help of your IT Team or Zoom Administrator to link the system to your corporate account. Click Link Zoom Account - you'll be asked to log in to Zoom and complete the rest of the linking inside Zoom. Once the link has been created, within Eploy, you'll be able to match Zoom accounts by Eploy Username or Email address.
π Note MS Teams and Zoom are the only online meeting providers currently supported within Eploy.
Permitted IP Access
This setting is used to restrict access to the Eploy Core System from any IP Address other than those specified. To enter permitted IP Addresses, click Add then enter the IP Address before clicking Save. Repeat this process for each IP Address.
2 Factor Authentication
This is a security feature which requires the user to enter a one-time-use code, in addition to their username and password, or SSO credentials, whenever they try to log in to Eploy. Indicate the circumstances when 2FA should be used, then select the 2FA methods you wish to use - Email, SMS or Authenticator App (Google Authenticator). You can also select the 2FA email template you'd like to use.
Hiring Managers
A lot of the Hiring Manager security settings behave in the same way as those for Standard Users, with the following exceptions:
Corporate SSO - the settings applied for Standard Users will not apply to Hiring Managers. If you'd like your HMs to use SSO, you'll need to configure this here. You're welcome to use a different SSO provider if you wish.
Corporate Calendar Sharing - If you have linked Calendars for your Standard Users, your Hiring Manager's calendars will automatically link as well. You can change the visibility permissions of Hiring Manager calendars here.
Portal Configuration - at the bottom of the page you'll find the Portal Configuration section. This contains two Layout Manager tools and allows you to control the layout of the Candidate and Vacancy Overview tabs within the Application Dialogue, when viewed within the Hiring Manager Portal.
Employees
Employee security settings are similar to Hiring Managers in that they include: Password Policy, Lockout Policy, Corporate SSO, Restricted IP Access and 2FA.
The following settings are also available:
Registration - Validated Domain. This group of settings allow you to specify whether Employees can self-register on the Employee Portal, so long as they register with an email address using a valid domain e.g. @yourcompanyname.com. To use the settings, set the first question to Yes, then provide the valid domain and indicate what you'd like the system to do if a matching Contact record isn't found.
Registration - Any Domain. This group of settings allow you to specify whether Employees can register using email domain, provided they register via a specific URL. To use these settings, set the first question to Yes. Click Generate New URL to generate the registration URL and indicate what Eploy should do if a matching Contact record isn't found.
Vendors
The security settings for your Vendors (Recruitment Agencies) are configured in the same way as those for your Hiring Managers. The only difference is that Vendors are not able to send emails from within the system, meaning there are no email related settings. Additionally, there are no Calendar Sharing options, nor Portal Configuration settings.
Further Information
For more information on Password and Security settings within Eploy, please see this section of our main Knowledge Base - https://support.eploy.co.uk/hc/en-gb/sections/360005977131-Security-Settings.