Account Security Best Practice:
How do I secure my Deputy account?
We know security is front of mind for our customers and we want to share information to encourage the practice of good security hygiene.
At Deputy, we have a shared security responsibility model where we look after the security of our applications and infrastructure but rely on you, our customer, to ensure access to your account remains secure.
Here are our top recommendations for keeping your information and business safe by preventing unauthorised access to your account.
Here are our top recommendations for keeping your information and business safe by preventing unauthorised access to your account.
Use Single-Sign On (SSO)
We provide, and strongly recommend, the use of Single Sign-On (SSO) for our Deputy Enterprise Plan subscribers. The feature allows customers to define the credential and access policy that is right for their organisation.
We have a comprehensive SSO solution supported by Help Documentation suited to your needs.
We have a comprehensive SSO solution supported by Help Documentation suited to your needs.
Use a unique password to Deputy
Password reuse - the tendency to use the same password across multiple online services - is a leading cause of unauthorised access to online services - commonly referred to as account takeover (ATO). Credentials exposed in one platform means all other platforms that you visit and use this password against become susceptible to attack.
To better protect your credentials, we recommend using a password that is unique to Deputy.
To better protect your credentials, we recommend using a password that is unique to Deputy.
Use a strong password
In addition to using a unique password, we also recommend making this secret a strong one by making it:
- At least 16 characters long
- A mix of uppercase letters, lowercase letters, numbers, and symbols
- Something not easily guessed, like the first letter for each word of a passphrase or personal motto. For example, the long phrase “My annoying boss is making us change our passwords every 90 days!” would become "Mabimucope90d!". It’s seemingly random but still memorable.
- Consider using a Password Manager service
Enable two-factor authentication (2FA)
Enabling two-factor authentication (2FA) means that, even if someone guesses or steals your password, they will also be prompted to provide a secondary secret to gain access to your account. Twice the security layers!
Deputy provides 2FA via the use of an authenticator application such as Google Authenticator and also supports SMS. It can easily be configured on your account within minutes.
If SSO is not available for your subscription plan, we strongly recommend that you enable 2FA and ask those invited to your account to enable the feature too.
Deputy provides 2FA via the use of an authenticator application such as Google Authenticator and also supports SMS. It can easily be configured on your account within minutes.
If SSO is not available for your subscription plan, we strongly recommend that you enable 2FA and ask those invited to your account to enable the feature too.
Protect your computer
It’s no secret that malware and viruses are everywhere these days. An infected computer can lead to unauthorised access to your Deputy account or other services, so it’s important to protect your device:
- Install a reputable anti-malware scanner and keep it updated;
- Be on the lookout for random system restarts or sluggish performance; and
- Consult an IT professional if you suspect your computer might be infected.
Sign out of unused devices
We know technology evolves quickly and device upgrades are fun, but it’s important to sign out and uninstall the Deputy app from your old devices before parting ways with them.
Our support team can help if you’re unsure how to do this safely.
Our support team can help if you’re unsure how to do this safely.
Report suspicious activity and security vulnerabilities
Deputy treats the security of your account and data with the utmost respect. If you notice suspicious activity, please contact us immediately so our security team can investigate the event.
If you’ve noticed a security flaw with our application, please visit our Report a Vulnerability page to report it as soon as possible so it can be promptly triaged and remediated.
If you’ve noticed a security flaw with our application, please visit our Report a Vulnerability page to report it as soon as possible so it can be promptly triaged and remediated.