Uniform Compliance Settings for Organization

A user with data manger permissions (“Can set compliance” permissions as set under user management) can edit the organization’s compliance settings. The organization’s compliance settings apply to all users within the organization.

To change these settings, a data manager may follow the following steps:

1. Login to your Encyro account and click on Settings.
2. Click on “Compliance, Data Security” in the left panel. This option will not be available unless you have data manager permissions. (On a mobile device, scroll down to heading “Organization Compliance”).

3. Here you can customize:
   • Require strong password: If turned on, all users will be required to use a strong password (password containing uppercase and lowercase letters, numbers, and symbols).
   • Automatically logout if inactive for more than 15 minutes: If turned on, a user who has no activity on the Encyro website for 15 minutes would be automatically logged out.
     • If your organization has enforced screen locks on all of users’ computers and mobile devices used to access their Encyro accounts, then this setting may be turned off. You may wish to activate screen lock on your devices following these instructions:
       • Windows: /blog/how-to-force-windows-10-to-lock-itself-after-inactivity-for-all-users/
       • Mac: First set the display to turn off after inactivity and then require password upon wake up.
       • Mobile devices (iOS, Android): See /blog/digital-safeguards-for-device-security/ and scroll down (or find “iOS” and then “Android”) – they are under section Device Encryption but describe both the screen lock and encryption together.
   • Allow others to receive messages from me or my organization without a password: When turned on (this is ON by default), recipients without Encyro accounts will be given the option to access their message without entering a password (via an “Access and Let Expire” link).
     • The links expire to keep data secure and you may set the number of days the link stays active.

When are settings enforced on other users: If a user is not logged in, the settings will be enforced the next time they login. If another user is logged in when a data manger updates the compliance settings, the settings will affect the logged in user within a few minutes. For instance, if require strong password is turned on, each user will get a prompt to change their password to a strong password whenever they login to their account or if already logged in, in a few minutes after you change the setting. Some users may not get that prompt if the system already knows their password is strong such as from a previous time this setting was enabled.

External Logins: External logins are not allowed if “require strong password” or “automatic logout” is turned on. If any of the users had used a Google or Facebook login, they will be prompted to create an Encyro password upon their next login attempt.

Simultaneous Edits: If multiple users with data manager permissions are updating the compliance settings at the same time, the latest updates will be used.