A couple of new security features

New Features

We've recently released a number of new security features to the Natterly platform, which you can access and start using immediately. These include two factor authentication for all users, security notification emails for users and administrators, IP address restriction and personal user session control.

Two Factor Authentication

As has been the case for some time with our other aTech services, we've introduced Two Factor Authentication for all users in Natterly. It's very simple to set up, just head to Your Settings within the Natterly admin console, then click the link to configure two factor authentication found just below your password, then follow the instructions to get set up.

Configure 2FA

Enforced 2FA

As well as being able to configure Two Factor Authentication on your own account as an agent, as an administrator in Natterly you can also enforce it for all agents, meaning they cannot login without setting up 2FA first.

Head to Settings -> Account Settings in the admin console, then enable the Require two factor authentication? option at the bottom of the page.

Enforced 2FA

Any users that login without 2FA enabled will then be prompted to set it up.

Setup required

Security notification emails

We've also introduced several notification emails, that are sent to agents and administrators, where appropriate when the following scenarios occur:

  • To agents when their account is logged in successfully via a new browser session we don't recognise
  • To agents if their account is locked due to 10 successive failed attempts
  • To administrators if a new user is invited to their Natterly account

IP address restriction

You can now restrict access to your Natterly agent and admin consoles to specific networks by way of IP address restriction. Head to Settings -> Account Settings in your admin console, then add any IP addresses or CIDR ranges that you wish to allow.

Allowed networks

Once you've done so, any other connections from networks outside of those allowed will be prevented.

Session control

As agents, you can now view all active sessions you have for your account, and if needed revoke any that you no longer require or don't recognise.

Head to Your Settings -> Sessions where you'll see a list of all active sessions, with a simple Logout link on the right hand side next to each one that you can press to revoke it immediately.

Your sessions

Natterly mobile

IP restrictions and Two Factor Authentication are also fully supported in the mobile applications, with as of today have been updated with new releases to the Google Play store and Apple app store.

A little bit about the author

I'm Adam W, or as everyone prefers to call me - Batman. I get a lot of satisfaction out of helping our customers and am committed to making their customer experience as positive as possible. When not offering support to our customers, you'll find me gaming, listening to music or running.