Security settings in Collaborate

Configuring security settings

Here's more information on what each option within the Security screen does:

Make bidder site
- Use this setting for any scenario where multiple parties need access but should not be aware of each others' existence, for example, multiple bidders in an auction. Once selected, a site administrator can tag organisations as bidders and manage the bidders on two additional administrative pages that are displayed via
User permissions
>
Manage organisations and User permissions
>
Data room team
Restrict site to internal users
- If you choose this option, any external users to the site will be suspended. Select the checkbox to restrict the site to internal users. A message displays telling you that you'll suspend access for outside users.

Use groups for permissioning
- Use this setting to select whether to use user or group-based permissions on the site. If this checkbox is not selected, access to site content will be determined on a user-by-user basis. If this checkbox is selected (the default setting), then users must be assigned to at least one security group to access any site content. A user can belong to more than one security group and it is recommended that group-based security is applied. With group-based security, each user inherits the access rights granted to the security group(s) of which they are a member. If this setting is changed after users have been added to the site, all previously configured site permissions will be removed. Therefore it is important to choose the appropriate security model when the site is first created and a warning message will be displayed. Please consider carefully when changing the site security model. If it is determined to be necessary to change the security model, change the site status to
Preparation
and then reconfigure the permissions. That way, site users cannot access content they should not see while permissions are changed.
Display site label
- This can be used to add a further name to the site for example 'Confidential'.

Authenticated RSS Feeds
- The site's RSS feeds contain summary information about site activity using the standard RSS format and they can be accessed using an RSS reader, outside of the HighQ website. To access the link for an RSS feed, go to one of the modules that supports RSS (Activity, Tasks, Blog and Events), right-click on the RSS icon and copy the RSS link.
This administrative setting determines whether a user must authenticate themselves to access the RSS feeds. If authentication is required, a user's HighQ username (email address) and password must be entered into the RSS reader. (Not all RSS readers support authentication.) If authentication is not required, then the only thing required to access the RSS feed is the link itself. Whether or not authentication is required, a user accessing the RSS feed will have access only to the same content they can see on the HighQ website. This limitation is enforced because each user on each site is given a unique link to every RSS feed. If no authentication is required and a site user shares their unique RSS link with a third party, then that third party will have access to the same RSS information as the user. If the user sharing the RSS feed is the Site Administrator, the third party will have access to ALL site content available via RSS. It is recommended that authentication be required for all RSS feeds, unless the information in a particular site is not considered sensitive. This option is only available in Security if switched on by HighQ Support.
Hide this site in HighQ Drive and Office Plugin
- If this checkbox is selected, this site will not be visible in
HighQ Drive
and
Office Plugin
.
Enable advanced Site Admin options
- If this setting is enabled, then site administrators will have access to every administrative page for the site. If unchecked, site administrators will only have access to the
iSheet
,
User permissions
,
Q&A
and
Reporting
administrative pages and a System Administrator will need to administer the other features of the site. This setting is typically enabled.
Enable site password
- This setting adds an extra layer of security for particularly sensitive sites. Once enabled, every user - even site and system administrators - must enter the extra password each time they try to access the site. If the password is lost, the only way to reset it is to ask a system administrator to contact HighQ to have the password reset. To enable this setting, check the box and enter a password in the
Password
field. The password must have at least 8 characters, one upper case character, one lower case character and one digit. (The same requirements for the regular Collaborate password.) An Administrator should not use their Collaborate password in this field. Once entered here, the password will not be displayed, but it can be changed or disabled at any time by deselecting the checkbox. The extra password must be separately distributed to site users, preferably in a secure matter, such as by telephone.
Enable two-factor authentication
- Select this checkbox to enable two-factor authentication. A confirmation window will display advising that you must enter a passcode for the session if you haven't already. Users who have entered a passcode at the system level are not required to enter another at the site level.

Enable IP address restrictions
- This setting adds an extra layer of security for particularly sensitive matters. Once enabled, only users attempting to access the site from one of the listed IP addresses can access the site. This restriction applies to both internal and external users. To enable this setting, check the box and enter one or more IP addresses in the
Enter IP address
field, separated by commas. To add a range of IP addresses click on the Add
IP range
link. The
Add IP range
link opens a window for you to enter the
From
and
To
IP addresses. Select
Add
to save your changes. If your IP address is not added to the list, you will lose access to the site.
Microsoft Azure AI translation enabled
- Please see
Microsoft Azure AI for tag suggestions
for further information on how to set this up.