Saturday, 18 October 2025, 12:06 PM
Created by: Ruvenss G. Wilches
Administrative users typically have elevated privileges within NIZU WorkSpace Cloud.
Always enable Two-Factor Authentication (2FA) for every admin account to prevent unauthorized access, even if a password is compromised.
This small measure significantly enhances overall platform security.
While 2FA can be optional for clients, encouraging them to enable it strengthens the security of your ecosystem.
Provide brief guidance or a reminder in the client portal login page or welcome emails to promote adoption.
2FA relies on Time-based One-Time Passwords (TOTP).
Ensure that all users — especially administrators — keep their mobile device clocks synchronized automatically via the network.
This prevents “invalid code” errors and reduces authentication friction.
2FA recovery requests should always be approved by a trusted administrator.
Avoid automated resets without verification to prevent potential social engineering attacks.
Each reset should be logged and auditable through the Security Logs in the admin panel.
Administrators should periodically check which users have 2FA enabled.
Use the Security Dashboard or User Management module to identify accounts without 2FA, and enforce enrollment where necessary.
Encourage users to safely store backup codes (if enabled) or link their Authenticator App to a cloud account that supports secure recovery.
This ensures minimal disruption if a device is lost or replaced.
Authenticator apps are security tools, and updates often include improved encryption or protection mechanisms.
Always run the latest version of your chosen Authenticator (Google Authenticator, Microsoft Authenticator, Authy, etc.) to benefit from the latest security enhancements.
Adding this section creates a complete end-to-end documentation piece — from setup and operation to support and security best practices — giving both admins and users clear, actionable knowledge.