Account Policy Lockout Feature in eCatalog


Enhancing Security Through Automated Lockouts and Administrative Safeguards:

eCatalog's Account Policy Lockout feature is designed to bolster system security by automatically locking out users after a specified period of inactivity and enforcing strict controls on administrative privileges. This feature plays a crucial role in preventing unauthorized access and ensuring that administrative powers are checked and balanced.


Key Components of the Account Policy Lockout Feature:


  • Automatic User Lockout:
    • Inactivity-Based Lockout
      eCatalog can be configured to lock out users who are inactive for a predetermined period of time. This feature helps ensure that user accounts are not left open indefinitely, which could potentially be exploited for unauthorized access.
    • Reminder Notifications
      Before reaching the inactivity threshold for a lockout, eCatalog can send reminder emails to inactive users, prompting them to log in and thus avoid automatic lockout. This helps keep user accounts active while maintaining security protocols.
  • Administrative Safeguards:
    • Restrictions on Self-Editing
      To prevent abuse of administrative powers, eCatalog includes a safeguard that prohibits administrators from changing their own groupings, roles, or settings. This ensures that no single administrator can unilaterally grant themselves broader access or sensitive permissions without oversight.
    • Dual Administrator Oversight
      Changes to an administrator’s account settings or permissions must be performed by another administrator. This dual-control mechanism provides an additional layer of security and accountability, ensuring that all modifications are reviewed and approved by multiple parties.


Benefits of the Account Policy Lockout Feature:


  • Enhanced System Security
    Automated lockouts for inactive users reduce the risk of dormant accounts being used as entry points for unauthorized access.
  • Increased Administrative Security
    The restrictions on administrators modifying their own settings help prevent potential conflicts of interest and ensure that administrative actions are transparent and subject to approval.
  • Compliance with Best Practices
    These features support compliance with industry best practices for security and governance, which often recommend measures to prevent any single individual from having unchecked administrative power.


Configuring the Account Policy Lockout and Administrative Restrictions:


  • Lockout Settings
    Administrators can set the inactivity period after which users are locked out and customize the reminder notification schedule through the security configuration panel in eCatalog.
  • Administrative Controls
    Settings that restrict administrators from altering their own privileges can be enabled or adjusted to fit organizational policies, ensuring that these controls are appropriately stringent.






Lockout feature:

eCatalog can automatically lock out a user who has been inactive for a certain period of time. This feature is not enabled by default.

eCatalog can also send a reminder email prompting inactive users to access the website, so that they avoid being locked out.



Administrators cannot change their own settings

To prevent administrators from giving themselves access to all resources, pages, or restricted areas, eCatalog can be configured to block administrators from changing their own groupings, roles, etc.

If an administrator needs to change groups, another administrator can make the change for them. This provides an additional layer of protection, ensuring that nobody is given full access without another administrator's acknowledgment.
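
The sketch below is an added example, not eCatalog's own code or configuration format. It models the inactivity lockout with a reminder window and the rule that administrators cannot edit their own settings; the 90-day and 14-day thresholds, all names, and the sample accounts are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass(frozen=True)
class LockoutPolicy:
    enabled: bool = False                          # the page: not enabled by default
    lock_after: timedelta = timedelta(days=90)     # assumed threshold
    remind_before: timedelta = timedelta(days=14)  # assumed reminder lead time

    def __post_init__(self):
        # A reminder window as long as the lockout period would nag active users.
        if not timedelta(0) <= self.remind_before < self.lock_after:
            raise ValueError("remind_before must be shorter than lock_after")

def account_state(policy, last_activity: Optional[datetime], created: datetime, now: datetime) -> str:
    """Classify one account as 'active', 'remind' or 'locked'."""
    if not policy.enabled:
        return "active"
    # Accounts that never logged in age from their creation date.
    idle = now - (last_activity or created)
    if idle >= policy.lock_after:
        return "locked"
    if idle >= policy.lock_after - policy.remind_before:
        return "remind"
    return "active"

def may_change_settings(actor: str, target: str, admins: set, block_self_edit: bool = True) -> bool:
    """Only administrators change roles/groups, and never their own."""
    if actor not in admins:
        return False
    return not (block_self_edit and actor == target)

# Constructed sample data: (last activity, creation date) per account.
NOW = datetime(2024, 6, 1)
ACCOUNTS = {
    "alice": (NOW - timedelta(days=10), NOW - timedelta(days=400)),
    "bob": (NOW - timedelta(days=80), NOW - timedelta(days=400)),
    "carol": (NOW - timedelta(days=90), NOW - timedelta(days=400)),
    "dave": (None, NOW - timedelta(days=200)),  # never logged in
}

def sweep(policy, accounts=ACCOUNTS, now=NOW):
    return {name: account_state(policy, last, made, now) for name, (last, made) in accounts.items()}

if __name__ == "__main__":
    print(sweep(LockoutPolicy(enabled=True)))
    print(may_change_settings("admin1", "admin1", {"admin1", "admin2"}))
```

With self-edit blocking on, a deployment with a single administrator has nobody who can change that account, so the control assumes at least two administrators.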