Understanding Security Administration
- 5 Minutes to read
- Print
- DarkLight
- PDF
Understanding Security Administration
- 5 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Article Summary
This article explains how administrators can configure and manage security and access settings in Planful using the Security Administration page. It covers controls for user account inactivity, password policies, login attempt limits, and Single Sign-On (SSO) authentication options. Administrators can define how long a user remains active without logging in, enforce password complexity or expiration, and manage deactivation and reactivation rules to align with corporate security policies. Additional settings, such as IP logging, tenant-level permissions, and support access configuration, ensure a secure and compliant environment for all users across the application.
AKA: security at the account level, change the inactive period, extend the inactive period, update inactivity settings, user inactive period, extend inactive time, increase idle days, user access expiry, inactivity threshold
eddy_keywords: deactivate user account, user inactivity, inactivity threshold, update inactivity settings, user inactive period, extend inactive time, increase idle days, user access expiry, change inactive period, extend inactive period, inactivity duration, disable inactive accounts eddy_intent: How-to eddy_questions: - How do I extend the inactive user threshold in Planful? - How do I change the user inactivity duration? - How can I increase the timeout period for users? - How do I allow longer inactive thresholds before deactivation? - How do I prevent users from being deactivated too soon? - How can I shorten the user inactivity period for security reasons? - How do I re-enable a user account deactivated due to inactivity? - How do I configure automatic user deactivation settings? - What is the default inactivity threshold in Planful? - Where do I find the Deactivate user account setting? - How does inactivity affect user access in SSO? - Can I exclude specific users from inactivity deactivation? - Does Planful notify users before deactivation due to inactivity? eddy_synonyms: inactive user = idle user, dormant account, unused user deactivate = disable, lock, suspend threshold = limit, duration, time period
The Security Administration page allows administrators to manage application access settings, including password policies, access controls, and user activity tracking. This ensures that the system stays secure and aligned with organizational standards.
To access the Security Administration page, navigate to Maintenance > Administration > Security Administration.
Tenant Group Security Settings
To access the Security Administration page, navigate to Maintenance > Administration > Security Administration.
Note:
Contact Planful Support to request edit access to the Tenant Group Security Settings section and update security settings.
Enforce password change after X number of day(s) – Specify the number of days after which users must change their password
To change the inactive period in Planful, To change the inactive period in Planful, navigate to Maintenance > Administration > Security Administration and increase the number of days in the Deactivate user account after X number of day(s) without login field
To extend the inactive period when there is no activity update the number of days in the Deactivate user account after X number of day(s) without login field by Navigating to navigate to Maintenance > Administration > Security Administration
Password must contain a minimum of X character(s) – Specify parameters for passwords, such as the required number of characters
Enforce account locking after X number of invalid attempt(s) – Specify the number of failed login attempts before locking a user out of the application
Disable current password check for SSO users – Allows the use of Single Sign-On (SSO) without the need for the user to verify their current password
Deactivate user account after X number of day(s) without login – Update the number of days to deactivate user accounts if they remain inactive for a specified number of days.
Do not allow X previous passwords to be used for password reset – Specify the number of previously used passwords that cannot be reused when a user resets their password.
Tenant Security Settings
Select the appropriate settings. The default settings are enable IP Logging and enable Employee Review %. 
Enable IP Logging – An IP (Internet Protocol) address in a unique set of numbers that represent the computer connected to the system. IP logs contain recordings of IP addresses representing members who have logged on to the system.
Enable Protect Sheet/Workbook in Excel Exports - Allows users to enable or disable the Protect Sheet mode as per their convenience.
Enable Snapshot in Data Input Templates - Allows users to take snapshots of input templates.
Enable Email in Data Input Templates - Allows users to send emails with input template data attached.
Enable Snapshots in Reports - Allows users to take snapshots of reports.
Enable Email in Reports - Allows users to send emails with reporting information attached.
Enforce changing the account properties when the data is available - Allows account properties to be edited when data exists. For Segment Hierarchies, the system properties (i.e. Account Type, Currency Type, Credit/Debit, Normal Data Input Type, and Variance) are disabled for account members if data has already been loaded for these members and the configuration is turned off. However, if the configuration is turned on, these properties are opened to edit (even when data exists for the members). It's important to reload Data Loads and rerun Consolidations to avoid data discrepancies.
Enable Employee Review % at - Allows the configuration of Review % at the Employee/Employee Type level. If set at the Employee level, Review % may be overridden for each employee in the template.
Enable Email on Budget Approval Workflow - Allows users to send emails during the budget approval workflow with budget information attached.
Enable Access to Planful Support Users Until - Allows Planful Support Users to access your application to better help you facilitate necessary tasks or provide additional assistance. If you turn off (do not select this checkbox) Support Access, Planful Support Users will not have access to your application. If you disable this option during a Support User session, the Support User is allowed to continue the session, but may not log in again. Planful Support User information is not available for viewing by your users. The system keeps audit logs of all Support Users that log in to your application.
Click the calendar button to provide a date until which Support User access is valid. By default, this option is opened and the date is set to 10 years out. You may edit this date at any time.
Enable cross sheet reference account update in Offline Planning workbook - Allows you to indicate whether or not you want the system to automatically populate the updated reference account line data in the dependent templates without connecting to the online template. For example, if you have two templates checked out for offline input with reference mapping (one template referencing data from another), you may automatically populate the reference account line data, or not, based on performance needs.
Check cube process status after every _ minutes - Checks the status of the reporting cubes every number of minutes selected and updates the cube icon.
Was this article helpful?