Security Settings

NEURO provides comprehensive security controls to protect your organization’s data and ensure compliance with security requirements.

Authentication Security

Password Policy

Configure password requirements:

Setting	Options
Minimum length	8-32 characters
Require uppercase	Yes/No
Require lowercase	Yes/No
Require numbers	Yes/No
Require special chars	Yes/No
Password history	Prevent last N passwords
Maximum age	Days before expiration

Configuring Password Policy

Go to Settings → Security
Navigate to Password Policy
Set requirements
Save changes

New passwords must meet policy immediately.

Two-Factor Authentication (MFA)

Enabling MFA

MFA can be:

Optional (user choice)
Required for all users
Required for admins only

MFA Methods

Method	Security	Convenience
Authenticator App	High	Medium
Hardware Key	Highest	Lower

Enforcing MFA

Go to Security → MFA Settings
Select enforcement level
Set grace period for setup
Save

Users without MFA have grace period to configure.

Session Management

Session Timeout

Configure auto-logout:

Timeout period: 30 min - 24 hours
Activity-based: Reset on activity
Absolute: Fixed session length

Concurrent Sessions

Control multiple logins:

Allow unlimited
Limit to N sessions
Single session only

Session Termination

Admins can:

View active sessions per user
Terminate specific sessions
Force logout all users

Access Control

IP Allowlisting

Restrict access by IP address:

Go to Security → IP Allowlist
Enable IP allowlisting
Add allowed IP ranges:
```
192.168.1.0/24
10.0.0.0/8
203.0.113.50
```
Test with current IP
Enable enforcement

Geographic Restrictions

Block access from specific regions:

Select blocked countries
Or allow specific countries only

API Security

Secure API access:

Token expiration settings
IP restrictions for API
Rate limiting configuration

Data Protection

Encryption

NEURO encrypts data:

Data Type	Encryption
Data at rest	AES-256
Data in transit	TLS 1.3
Backups	AES-256
File uploads	AES-256

Data Classification

Mark data sensitivity:

Public
Internal
Confidential
Restricted

Export Controls

Control data exports:

Enable/disable bulk export
Require admin approval
Audit all exports

Audit & Compliance

Audit Logging

All security events are logged:

Event Category	Examples
Authentication	Login, logout, MFA
Authorization	Permission changes
Data Access	Views, exports
Configuration	Settings changes

Viewing Audit Logs

Go to Security → Audit Logs
Filter by:
- Date range
- User
- Event type
- Resource
Export for compliance

Log Retention

Configure retention:

Minimum: 90 days
Recommended: 1 year
Maximum: 7 years

Security Monitoring

Security Dashboard

View security metrics:

Failed login attempts
MFA adoption rate
Session statistics
Suspicious activity

Alerts

Configure security alerts:

Multiple failed logins
Login from new location
Admin action performed
Export initiated

Incident Response

When suspicious activity detected:

Alert sent to admins
Option to lock account
Force password reset
Session termination

Compliance Features

Compliance Frameworks

NEURO supports compliance with:

SOC 2 Type II
GDPR
HIPAA (with BAA)
ISO 27001

Evidence Collection

Export compliance evidence:

User access reports
Authentication logs
Configuration snapshots
Data handling records

Security Best Practices

Recommended Settings

Setting	Recommendation
MFA	Required for all
Session timeout	2 hours
Password length	12+ characters
Password expiry	90 days
Failed login lockout	5 attempts

Regular Reviews

Perform periodically:

User access review (quarterly)
Admin account audit (monthly)
Security settings review (quarterly)
Audit log review (weekly)

Security Checklist

Initial setup:

Next: Learn about Report Templates