Set Up a Security Profile

Complete each of these tasks in the order given.

Create a Security Profile

Required permissions: Security Profiles Create

  1. Use one of the following methods to create the security profile and give it a name: 

    • To create a new blank security profile:

      1. Click the app selector and select Admin.
      2. Go to Security Profiles.
      3. Click Create New.

      4. Enter a unique Name for the security profile.

      5. Enter a Description if you want one.

      6. For Create, select a blank Security Profile.

    • To quickly create a new security profile that copies an existing one:

      1. Click the app selector and select Admin.
      2. Go to Security Profiles.
      3. Open the security profile you want to copy.

      4. Click Copy.

      5. Enter a unique Name for the security profile.

      6. Enter a Description if you want one.

  2. Click Next.

  3. Enable permissions for each product and feature you want users to have. Some permissions, like User Settings and Security, are grouped. To see the permissions inside the groups, click Individual next to the group name.

  4. Click Next.

  5. Enable permissions for each report you want users to have.

  6. Click Next.

  7. Restrict data access by CampaignsClosed A grouping of skills used to run reports., Teams, Assignable Profiles, Groups, and Business UnitsClosed High-level organizational grouping used to manage technical support, billing, and global settings for your CXone environment. For each data type, select whether you want users to access All & Future data of that type, None, or Custom.

  8. If you chose Custom for a data type, use the pop-up window to specify which entities of that data type the users can access. Click Done.

    New campaigns, teams, security profiles, groups, and business units aren't automatically added to custom lists when they're created. You must update the custom list if you want users to access the new data.

  9. Click Next.
  10. Click Create Security Profile.

Configure a Login Authenticator

Required permissions: Login Authenticator Create

  1. Click the app selector and select Admin.
  2. Go to Login Authenticator.
  3. Click Create New.

  4. Enter a unique Name for the login authenticator.

  5. Enter a Description if you want one.

  6. Select System as the Authentication Type.

  7. Set up your password complexity.

    Each user's password is checked against a repository of commonly used passwords. If their password matches one of the commonly used passwords, they will be forced to create a new password. Some of the passwords that are rejected include:

    • Any password that includes the word "password." For example, Password@1234.

    • Any password that includes the user's email address, username, first name, last name, or system name.

    Passwords are checked against this repository whenever:

    • A new user is activated.

    • A user's password expires.

    • A user resets their password.

  8. If you want to enable multi-factor authentication, select Require Multi-Factor Authentication. Set your MFA Type as HOTP and TOTP.

  9. Set your password policy.

  10. Click Create Login Authenticator.

Assign Users to the Security Profile

Required permissions: Users Edit

A user in your contact center must have one security profile assigned to them. The CXone interface allows you to assign users to security profiles individually. Repeat these steps for each user, or you can update multiple users at once using the user file upload feature.

  1. Click the app selector and select Admin.
  2. Go to Users.
  3. Open the user you want to edit.

  4. In the General tab, click Edit.
  5. In the Security section, use the Security Profile drop-down to select the security profile.

  6. Select a Login Authenticator.

  7. Click Done.