Skip to main content

FAQ - What Security measures does iiQ have in place?

The session timeout settings will automatically take effect and begin monitoring for two session values:

  • Time since the user's last authentication.

  • Inactivity of the users.

By default, only when the user has been inactive for 30 minutes and has been logged in for >12 hours. The user will be notified when this log-out occurs, regardless of timeout settings. These values were chosen to align with typical SaaS security recommendations while minimizing user disruption. These default times require users to log in only once per day in most cases.


Can the admin adjust these settings?

Yes. Admins will have the ability to set which settings are taken into account and their timeout values. See the next slide for details.



Can the admin turn off the session timeout?

No. This feature is designed to improve the security of our product for the Incident IQ teams and our customers.

Below are the settings in Site Options regarding Inactivity Timeout Mode and Session Timeout. Please see the entire help guide regarding site options here:

  • Session Inactivity Timeout Mode: use the dropdown menu to select and set the inactivity timeout mode.

    • Inactivity Timeout will be set to a default of 30 minutes

    • Min - 1 min, Max - 60 min

Inactivity Timeout Mode Options:

Only use inactivity When Session is Expired

Always use inactivity

Never use inactivity

Will only check for user’s inactivity if the session timeout period has been exceeded

Will never log out the user for inactivity prior to session timeout period being reached

Will always check for user’s inactivity and log the user out if they are inactive for the amount of time set for inactivity

Log out occurs no matter how long they have been logged in

Will never check a user’s inactivity to determine logout

Once the user has reached the session timeout period, they will be logged out immediately

  • Session Timeout: Set the session timeout for all user. This is the time since the user last authenticated. This will require your users to log in at the timeout session that you set.

    • Session timeouts will be set to a default of 12 hours

    • Min - 1 hr, Max - 24 hr

---

Deborah Prosser - Community Manager

Did this answer your question?