Difference between revisions of "Admin Settings"

From Cetbix Documentation
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
= Admin Manual for Support Services =
+
= Admin Settings =
  
 +
This page details the configuration options available to administrators for managing authentication, security, licenses, user permissions, and company settings within Cetbix.
  
== 1.0 Getting Started ==
+
---
  
=== 1.1 Register / Login ===
+
== Overview ==
  
To begin, open a web browser (Chrome, Firefox, Edge, etc.) and navigate to:
+
Admin Settings centralize critical configuration for:
https://www.cetbix.com
 
  
This will take you to the Cetbix homepage.
+
* User access and identity management
 +
* Security controls (SSO, MFA)
 +
* Company & license provisioning
 +
* Role and permission administration
 +
* System defaults and feature toggles
  
* Select '''Login'''
+
Well-configured Admin Settings help protect your organization, streamline onboarding, and support compliance with security best practices.
* Enter your email address and password
 
* Click '''Next'''
 
  
You may change the interface language from the top of the screen.
+
---
  
==== Single Sign-On (SSO) Login ====
+
== 1. Security Settings ==
  
If you are utilizing SSO, navigating to www.cetbix.com will redirect you directly to the SSO login page.
+
=== 1.1 Multi-Factor Authentication (MFA) ===
  
* Enter the secret PIN received from the Cetbix Authentication App
+
'''MFA adds a second layer of protection for user accounts.'''
* Click '''Sign In'''
 
  
If you are an administrator, the administrator dashboard will be displayed.
+
Administrators can enable MFA for all users or specific roles:
  
----
+
# Navigate to '''Authentication → Settings'''
 +
# Select the desired MFA method (TOTP, push, etc.)
 +
# Configure enforcement scope (mandatory / optional)
  
== 2.0 Security ==
+
''Best Practice:'' Require MFA for all accounts to reduce risk of credential compromise. :contentReference
  
''Note: Using this function for separate customers is not possible as the setting is globally based. To administer different companies independently, it is recommended to create separate accounts for each individual company.''
+
=== 1.2 Single Sign-On (SSO) ===
  
=== 2.1 Setting MFA ===
+
SSO allows users to authenticate using an external identity provider (IdP) such as Azure AD, Okta, or Google Workspace.
  
To configure Multi-Factor Authentication (MFA):
+
# Go to '''Authentication → SSO Settings'''
 +
# Enter your SAML/OIDC configuration from your IdP
 +
# Enable SSO and test with a non-admin user first
  
* Click '''Authentication'''
+
''Note:'' Some services require SSO configuration before enabling MFA changes.
* Select '''Settings'''
 
* Choose your preferred authentication method
 
  
----
+
=== 1.3 Multi-Layer Defense ===
  
=== 2.2 Single Sign-On (SSO) ===
+
Combining SSO with MFA supports layered defense — giving both identity federation and strong authentication. Administrators should:
  
To enable SSO:
+
* Enable MFA before enforcing SSO
  
* Click '''Authentication'''
+
---
* Select '''SSO Settings'''
 
* Activate '''SSO'''
 
  
----
+
== 2. Identity & Access Management ==
  
=== 2.3 Combining SSO & MFA (Multi-Layer Defense) ===
+
=== 2.1 Roles and Permissions ===
  
By activating both MFA and SSO, you add an additional layer of defense to your Cetbix account, significantly enhancing overall security.
+
Define clear roles with the minimum required privileges (principle of least privilege).
  
----
+
Recommended roles include:
  
== 3.0 Adding a New Company ==
+
* '''Super Admin''' – Full system-wide access and security settings
 +
    – Manage company users and licenses
 +
– Manage user profiles and assignments
  
=== 3.1 Add New Customer Account / Company Account ===
+
''Best Practice:'' Limit the number of Super Admins to reduce exposure risk.
 +
 
 +
=== 2.2 User Provisioning ===
 +
 
 +
Admins can add or import users and assign them to companies.
 +
 
 +
# Go to '''Employees → Add Paid User'''
 +
# Enter user details
 +
# Assign company and permission
 +
# Save
 +
 
 +
Administrators should periodically review active accounts and remove unused or inactive ones.
 +
 
 +
=== 2.3 User Deprovisioning ===
 +
 
 +
To remove a user:
 +
 
 +
# '''Employees → All Employees'''
 +
# Locate user
 +
# Select '''Delete'''
 +
 
 +
Ensure deprovisioning is tracked for audit purposes.
 +
 
 +
---
 +
 
 +
== 3. Company & License Management ==
 +
 
 +
=== 3.1 Company Registration ===
  
 
To register a new company:
 
To register a new company:
  
* Click '''Enterprise Management'''
+
# Navigate to '''Enterprise Management Register a Company'''
* Select '''Register a Company'''
+
# Provide company details and select license
* Provide all required information
+
# Mark '''Active'''
* Select the purchased license
+
# Save
* Check '''Active'''
+
 
* Click '''Save'''
+
Administrators can view and manage registered companies from the main company list.
 +
 
 +
=== 3.2 License Assignment ===
 +
 
 +
Licenses can be obtained via the platform or through direct sales channels. It’s recommended to coordinate with sales before purchasing. Administrators should monitor license usage regularly.
 +
 
 +
---
  
All registered companies will be listed for easy access.
+
== 4. System Defaults & Configuration ==
  
----
+
=== 4.1 Company Defaults ===
  
=== 3.2 Acquiring a License to a Company ===
+
Admin Settings include global defaults such as:
  
Licenses can be purchased:
+
* Branding options (logo, theme)
* Directly through the platform, or
 
* Via bank transfer
 
  
It is recommended to discuss licensing options with the Cetbix sales team prior to initiating a purchase.
+
Ensure defaults meet your organization’s policies before deployment.
  
----
 
  
== 4.0 User Management ==
 
  
=== 4.1 Adding a User ===
+
== 5. Audit & Monitoring ==
  
To add a new user:
+
=== 5.1 Activity Logs ===
  
* Click '''Employees'''
+
* Login attempts
* Select '''Add Paid User'''
 
* Provide all required information
 
* Click '''Save'''
 
  
----
 
  
=== 4.2 Assigning a User to a Company ===
 
  
To assign a user to a company:
 
  
* Click '''Employees'''
+
== 6. Best Practices ==
* Select '''All Employees'''
 
* Choose '''Assigned Company'''
 
* Select the company
 
* Assign appropriate permissions
 
* Click '''Save'''
 
  
----
+
* Enforce MFA for all accounts.
 +
* Use SSO with verified identity providers.
 +
* Limit number of high-privilege accounts.
 +
* Perform regular reviews of users, roles, and license utilization
  
=== 4.3 Deleting a User Account ===
 
  
To delete a user:
+
== Related Pages ==
  
* Click '''Employees'''
+
* [[Admin Manual]]
* Select '''All Employees'''
+
* [[User Management]]
* Locate the user
+
* [[Company Registration]]
* Click '''Delete'''
+
* [[Security Guide]]

Latest revision as of 09:10, 17 January 2026

Admin Settings

This page details the configuration options available to administrators for managing authentication, security, licenses, user permissions, and company settings within Cetbix.

---

Overview

Admin Settings centralize critical configuration for:

  • User access and identity management
  • Security controls (SSO, MFA)
  • Company & license provisioning
  • Role and permission administration
  • System defaults and feature toggles

Well-configured Admin Settings help protect your organization, streamline onboarding, and support compliance with security best practices.

---

1. Security Settings

1.1 Multi-Factor Authentication (MFA)

MFA adds a second layer of protection for user accounts.

Administrators can enable MFA for all users or specific roles:

  1. Navigate to Authentication → Settings
  2. Select the desired MFA method (TOTP, push, etc.)
  3. Configure enforcement scope (mandatory / optional)

Best Practice: Require MFA for all accounts to reduce risk of credential compromise. :contentReference

1.2 Single Sign-On (SSO)

SSO allows users to authenticate using an external identity provider (IdP) such as Azure AD, Okta, or Google Workspace.

  1. Go to Authentication → SSO Settings
  2. Enter your SAML/OIDC configuration from your IdP
  3. Enable SSO and test with a non-admin user first

Note: Some services require SSO configuration before enabling MFA changes.

1.3 Multi-Layer Defense

Combining SSO with MFA supports layered defense — giving both identity federation and strong authentication. Administrators should:

  • Enable MFA before enforcing SSO

---

2. Identity & Access Management

2.1 Roles and Permissions

Define clear roles with the minimum required privileges (principle of least privilege).

Recommended roles include:

  • Super Admin – Full system-wide access and security settings
   – Manage company users and licenses

– Manage user profiles and assignments

Best Practice: Limit the number of Super Admins to reduce exposure risk.

2.2 User Provisioning

Admins can add or import users and assign them to companies.

  1. Go to Employees → Add Paid User
  2. Enter user details
  3. Assign company and permission
  4. Save

Administrators should periodically review active accounts and remove unused or inactive ones.

2.3 User Deprovisioning

To remove a user:

  1. Employees → All Employees
  2. Locate user
  3. Select Delete

Ensure deprovisioning is tracked for audit purposes.

---

3. Company & License Management

3.1 Company Registration

To register a new company:

  1. Navigate to Enterprise Management → Register a Company
  2. Provide company details and select license
  3. Mark Active
  4. Save

Administrators can view and manage registered companies from the main company list.

3.2 License Assignment

Licenses can be obtained via the platform or through direct sales channels. It’s recommended to coordinate with sales before purchasing. Administrators should monitor license usage regularly.

---

4. System Defaults & Configuration

4.1 Company Defaults

Admin Settings include global defaults such as:

  • Branding options (logo, theme)

Ensure defaults meet your organization’s policies before deployment.


5. Audit & Monitoring

5.1 Activity Logs

  • Login attempts



6. Best Practices

  • Enforce MFA for all accounts.
  • Use SSO with verified identity providers.
  • Limit number of high-privilege accounts.
  • Perform regular reviews of users, roles, and license utilization


Related Pages

Retrieved from "https://wikki.cetbix.net/index.php?title=Admin_Settings&oldid=234"