Security Tools to Keep Your Data Safe: SSO, MFA, and Session Management

Cybercrime methods have become more sophisticated, resulting in an increase in data breaches, phishing attacks, and more.

And it’s not just large enterprise companies at risk — 43% of cyber attacks target small businesses. The same study finds that 60% of small businesses that are victims of a cyber attack go out of business within six months.

Stolen or misused credentials are responsible for over 60% of data breaches. With more business operations happening online, how do you keep one of your most important business assets — your data — safe? 

ActiveCampaign offers several easy-to-use features that will help you secure your business from growing online threats

Reduce passwords (and risk) with single sign-on

Single sign-on (SSO) lets you automatically log into ActiveCampaign through an identity provider without needing a separate set of credentials. One of the most common cyber attacks on companies of all sizes are phishing attacks, which attempt to make individuals reveal personal information such as usernames and passwords. SSO means better enterprise security for your business by reducing the potential to become compromised.

Enterprise SSO for ActiveCampaign gives you these benefits:

  • Remember one master set of credentials. This prevents team members from forgetting multiple passwords, reusing weak passwords, or keeping physical records of all passwords — all of which are inconvenient, costly, and most importantly, insecure.
  • Save time and reduce costs. A recent study done by Gartner reveals over 50% of all help desk calls are due to password issues. The more passwords a user has, the greater the chance of forgetting them, so single sign-on drives down help desk costs.
  • Automate your workflow. Our SAML-based SSO feature also includes just-in-time (JIT) provisioning, allowing users to automatically be added as a user through your identity provider when they first log in. Automate your IT workflow and help you focus on scaling your business instead.

Worried about getting locked out or losing your existing ActiveCampaign credentials by turning on SSO? With our hybrid login option, if there are ever configuration issues with the identity provider, users can continue to use existing ActiveCampaign credentials to access your account.

SSO is now available to our Enterprise customers. You can learn more about everything you get with the Enterprise tier here.

Prevent unauthorized logins with multi-factor authentication 

2OKEMPahRUgyu5O3u0d26Y4URAgu00DI mOdqhfZLWvQpsXfldQCHi YK1xv24c0bf9q9cxSDwDeDQRVtZXj3DE015Ak323dByeF8MP2xfOHi5cbPzQlreR6iZOqSxlxiKPGwaO

We start with trust at ActiveCampaign, so we make multi-factor authentication (MFA) available to every user on your account.

What is multi-factor authentication? If you use a mobile phone, there’s a good chance you already use it. Also commonly called 2-factor authentication (2FA), MFA is a secure authentication method utilizing two or more “factors” used to verify your identity. 

The types of factors used can include things that:

  • You possess (like a mobile phone or physical key)
  • You know (your passwords)
  • You are (like biometrics or GPS location)

Verifying at least two of these elevates account security to prevent fraudulent activities. The most common MFA method uses SMS: in addition to entering a password, the user also needs a registered phone number to receive an SMS text for a one-time code to complete authentication and get access.

Usernames and passwords are very easy targets for cybercriminals, so we highly recommend you enable MFA for all users to help keep your ActiveCampaign data more secure. You can use MFA on ActiveCampaign with SMS text messages, or with common TOTP authenticators like Authy and Google Authenticator.

Add an additional layer of security with session management

C1b3IxCs2LyR sztzkfcnezryh6ndmCoJmslZG6 LaCybpcX5M8htqufk53pz9lCI7xK6HYtrh7NU5zwYoTpJQO81eGb9b5x1nPDWC1DKJTbDA5ew0qXXE6Ehi9NOoYXPNwr 09p

Session management will log an ActiveCampaign user out if they are idle for a predetermined period of time. Customize the length of an active session to meet your specific business security needs and be protected from potential compromises. 

This admin setting is available to every ActiveCampaign account, and is highly recommended to provide an additional layer of security by preventing unauthorized account access.

Sue Bergamo, ActiveCampaign’s VP of Global Security and 2022 Cybersecurity Professional of the Year, believes security measures should be proactive and multi-layered. “By offering our customers SSO, MFA, and session timeouts, ActiveCampaign is providing three secure ways to protect customer information aligned with industry security best practices.”

ActiveCampaign guarantees trust with transparency

Data protection is crucial for long-term business success. We’re so committed to your success, we guarantee it. We’re proud to be the only customer experience automation provider promising excellence in value, service, access, and trust — that’s why we created the ActiveCampaign Customer Success Commitment.

Our platform works as hard as you do to keep your customers’ trust. We do that by protecting your data, providing the stability you need, and helping you stay compliant.

We are committed to protecting and safeguarding your data with full transparency into security, privacy and compliance controls at ActiveCampaign. That’s why we make our latest available SOC 2 report and pen test summary available as part of our comprehensive security package. You can request our most current security package here.

Never miss an update

Comment section