Security Settings

Manage security options

Security is essential for protecting your business data. This guide covers the security features available in EvoDax and how to configure them.

Security Overview

EvoDax provides:

  • Encrypted data transmission (TLS/SSL)
  • Secure data storage
  • Role-based access control
  • Session management
  • Audit logging

Password Policy

Requirements

Default password requirements:

  • Minimum 8 characters
  • At least one uppercase letter
  • At least one number
  • At least one special character

Configuring Policy (Enterprise)

  1. Go to Settings > Security
  2. Under Password Policy:
    • Set minimum length
    • Require complexity
    • Password expiry (e.g., 90 days)
    • Prevent reuse

Session Management

Session Timeout

Auto-logout after inactivity:

  1. Go to Settings > Security
  2. Set timeout duration:
    • 15 minutes (high security)
    • 1 hour (standard)
    • 8 hours (convenience)
  3. Save

Active Sessions

View and manage your sessions:

  1. Go to your profile
  2. Click Security
  3. See active sessions
  4. Click Sign out to end a session
  5. Sign out all for security concerns

Two-Factor Authentication (Enterprise)

Add extra login security with 2FA.

Enabling 2FA

  1. Go to profile > Security
  2. Click Enable 2FA
  3. Choose method:
    • Authenticator app (Google, Authy)
    • SMS (phone number required)
  4. Scan QR code or enter code
  5. Verify with test code
  6. Save backup codes

Company-Wide 2FA

Admins can require 2FA for all users:

  1. Go to Settings > Security
  2. Enable Require 2FA
  3. Set grace period for setup
  4. Users prompted on next login

Access Control

IP Restrictions (Enterprise)

Limit access to specific IPs:

  1. Go to Settings > Security
  2. Under IP Allowlist
  3. Add allowed IP addresses/ranges
  4. Enable restriction

Useful for office-only access.

API Key Management

For API integrations:

  1. Go to Settings > API
  2. View existing API keys
  3. Create new keys
  4. Set permissions per key
  5. Rotate keys regularly

Audit Logging

Track important events:

  • User logins/logouts
  • Settings changes
  • Data access
  • Permission changes

Viewing Audit Logs

  1. Go to Settings > Audit Log
  2. Filter by:
    • User
    • Action type
    • Date range
  3. Export for compliance

Audit Retention

Logs retained based on plan:

  • Starter: 30 days
  • Professional: 90 days
  • Enterprise: 1 year+

Data Privacy

Data Export

Export your data:

  1. Go to Settings > Privacy
  2. Click Request Data Export
  3. Receive download link

Data Deletion

Request account deletion:

  1. Go to Settings > Privacy
  2. Click Delete Account
  3. Confirm (irreversible)
  4. 30-day retention before permanent deletion

Security Notifications

Get alerted to security events:

  • New device login
  • Failed login attempts
  • Password changes
  • 2FA changes

Enable in Settings > Notifications > Security.

Best Practices

  1. Use strong passwords - Unique for each service
  2. Enable 2FA - Extra protection
  3. Review access - Audit users regularly
  4. Monitor audit logs - Spot suspicious activity
  5. Keep contacts updated - For security alerts
  6. Train your team - Security awareness

Security Questions?

Contact us:

  • security@evodax.com
  • Report vulnerabilities responsibly
  • We take security seriously
Notifications & Preferences

Was this article helpful?