Skip to main content

Settings

This is a menu where you can configure account settings, account synchronization settings, user authentication settings, log settings, logo settings, and enable settings.

  • 사용함or사용안함You can select to enable or disable the feature.
  • 저장Click the button to save the settings.

Account Settings

You can set the account deactivation period, password policy, automatic logout settings (unused automatic logout / duplicate login automatic logout), and whether to display recent access information.

Set account deactivation period

  • Set the account deactivation period.
    • If the user does not log in during the set period, the user's account will be deactivated.
    • Disabled user accounts can be activated from the user management menu.

Password Policy Settings

Users added through external account integration (Microsoft, SAML) do not have the configured password rules applied.

  • Password policy settings
    • Users can set rules to follow when changing or creating a password.
    • You can set the required characters and minimum length.
  • Password Change Cycle Setting
    • You can set the frequency for changing the password.
  • Password reuse restriction
    • You can restrict the use of recently used passwords so that they cannot be reused when changing the password.
    • You cannot reuse the recently used passwords for the number of times you have set.
      • For example, if set to 2, the user cannot reuse the last 2 passwords (password1, password2). Therefore, when setting the password next time, a new password such as password3 must be used.
  • Password Change Extension Settings
    • You can choose the number of times you can extend without changing the password and the extension period.
  • Set URL for password change redirection
    • Set the URL to redirect to when changing the password.
  • User initial password setting
    • Set the initial password to be used when a manually registered user logs in for the first time.
    • When you successfully log in for the first time with the initial password, you will be redirected to the password change page.

Automatic Logout Settings

It is set to automatically log out if there is no usage for a certain period of time or if duplicate access occurs. You can individually set the application status and logout time for each service, or apply the same time uniformly across all services. This can only be applied to services that are currently subscribed to and have completed development (Management Center, SHIELD Drive, SHIELD Gate).

**Menu Access:**Security 365 Management Center > Settings > Account Settings

Unused automatic logout

If no mouse or keyboard input is detected for the set period of time, you will be automatically logged out of the service.

  • Toggle isNot in useIf it is the (default) setting, the service selection and time setting area will not be displayed.
  • toggleuseChanging it will display the service list and time setting area.

Application service and logout time settings

  • Only the list of currently subscribed (in use) services is displayed, and only services that have been completed can be selected. (Unfinished services are displayed as inactive)
  • Select multiple services through the checkboxes, or at the top of theSelect AllYou can select all services at once with the checkbox.
  • You must select at least one service to save.
  • Set the logout time applicable to each service individually in the dropdown of each service row.
    • Logout time options: 10 minutes (default) / 30 minutes / 1 hour ~ 12 hours (in 1-hour increments)

Batch apply

  • After selecting a time from the "Time Selection" dropdown in the select all row,**[Application]**When you click the button, the logout time for all currently checked services will be changed in bulk to the selected value.
  • You can change the time again in the individual service dropdown even after applying the changes in bulk.
  • Batch application only changes the time, while saving is**[Save]**You need to click the button separately for the final reflection.

User screen when automatic logout due to inactivity occurs

지정된 시간 동안 활동이 감지되지 않아 보안을 위해 자동으로 로그아웃되었습니다.
다시 로그인하여 서비스를 이용해 주세요.
[다시 로그인]

Automatic logout for duplicate logins

If a new connection occurs from a different IP with the same account, the session of the existing connection IP will be automatically terminated. Since the connection blocking criteria is based on IP conflict detection, only service selection is provided without time settings.

  • Toggle isNot in useIf it is the (default) option, the service selection area will not be displayed.
  • toggleuseChanging to __PH_0__ will display the service selection area.

Select Application Service

  • Only the list of currently subscribed (used) services is displayed, and only services that have been completed can be selected.
  • select multiple services through checkboxes, orSelect AllYou can select all services at once with the checkbox.
  • You must select at least one service to save.

User screen when automatic logout occurs due to duplicate login.

중복 접속으로 인해 로그아웃되었습니다.

다른 위치에서 동일 계정으로 접속하여 보안을 위해 자동으로 로그아웃되었습니다.
본인이 접속한 것이 아닌 경우 즉시 비밀번호를 변경해주세요.
[다시 로그인]

Recent access information

  • When logging into the management center, you can set it to display the date and time of the user's last access to the service and the IP address.

Account Authentication Policy Settings

  • You can set a policy to temporarily lock the account in case of user authentication failure.
  • If the set number of failures is reached, the account will be automatically locked and will be automatically unlocked after the specified time.
  • Number of authentication failuresMaximum number of allowed failures before the account is locked (5 times / 10 times / 15 times)
  • Account lockout duration: Time until automatic unlock after account lock (5 minutes / 10 minutes / 30 minutes / 60 minutes)
  • A locked account will be restricted from logging in until the set time, even if the correct password is entered.

Applies only to manual login users who do not use SSO (Single Sign-On).

Inactive Account Automatic Deactivation Policy

**Menu Access:**Security 365 Management Center > Settings > Security Policy > Inactive Account Automatic Deactivation Policy

You can set a policy to automatically deactivate user accounts that have not been accessed for a certain period. Based on the set period, the SHIELD ID scheduler performs automatic deactivation processing daily. Admin accounts are excluded from automatic deactivation.

ItemDescription
Automatic Deactivation of Inactive AccountsUse / Unused selection (Default: Unused)
Deactivation criteria periodSet the number of days elapsed since the last access (default: 90 days, enter an integer of 1 or more)
  • UnusedThe duration input field will be disabled when selected.
  • Clicking [Save] will apply the settings, and a toast message indicating success or failure will be displayed.

Inbound Provisioning

You can synchronize personnel information (users, groups) registered on the Microsoft 365 Document Security SCI server. Additionally, you can automatically synchronize personnel information according to a specified schedule and time.

Microsoft 365 synchronization settings

  • Synchronization method

    • Full synchronization: Synchronizes all AD groups and user information registered with the Microsoft account to Security365 (SHIELD ID).

    • Sync specified AD groups: Only the groups and members selected by the administrator from the AD groups registered with the Microsoft account will be synchronized.

      • When synchronizing the specified AD group, only the selected groups and members will be synchronized, and other groups and members will be deleted.

        • 사용자, 그룹User and group information manually entered in the menu will not be deleted due to synchronization.

      • AD 그룹 관리of그룹 선택You can select the group to synchronize by clicking the button.

        • 구성원 보기You can click the button to check the subgroups and member information of the selected group.
          • When synchronizing a group, the subgroups of the selected group are also synchronized.
        • After selecting the group to synchronize,확인You can check the information of the selected group by clicking the button.

      • To apply the synchronization settings, please refer to the bottom of the저장Click the button.저장Settings will not be applied if the button is not pressed.

  • For group synchronization, the group type in Microsoft is __PH_0__.보안 그룹or메일 그룹Only groups registered as __PH_0__ will be synchronized.Reference Document]

  • For companies that registered manually without signing up with Microsoft

    • synchronization method is전체 동기화if set to지금 동기화You can link your MS account by pressing the button.

    • synchronization method is지정된 AD 그룹 동기화if set toAD 그룹 관리You can link your MS account by pressing the button.

    • After logging in with an MS account that has administrator privileges, a successful linkage notification will appear once the delegation of authority is received.

    • After saving the synchronization settings __PH_0__수동 동기화You can link the greeting information by clicking the button.

      ※ Caution ※

      After successfully linking the account, go to 'Settings > User Authentication Settings'Security365 인증 사용, CSP 인증 사용> Microsoft 계정 인증You need to activate __PH_0__ for the existing administrator to log in with a manual account.

SCI Server account synchronization settings

  • The SCI Server account synchronization will operate only if the SCI server integration settings are configured correctly.
    • SCI server integration settings
      • Set the IP and Port of the SCI server.연동 테스트You can check the SCI server integration status by clicking the button.
      • If the user ID of the server you want to link is composed of employee numbers or characters rather than in email format, you can set a domain to add users in email format.
        • For example) Domain __PH_0__softcamp.comIf set to __PH_0__, the ID on the SCI server will be __PH_1__.gildong.hongThe user isgildong.hong@softcamp.comIt will be synchronized in the format.

Automatic Synchronization (Set Synchronization Interval)

  • Use the toggle switch to control the activation/deactivation of the option.
  • Once the administrator sets the time and saves it, synchronization will occur daily at the specified time.

Instant synchronization

  • bottom of the수동 동기화Clicking the button will immediately execute synchronization based on the saved synchronization settings.
  • Once the synchronization is complete, the success/failure status of the synchronization and the completion time will be displayed.
  • If synchronization is in progress, a duplicate synchronization will not start.

Check user group path on the log page after HR integration.

경로 표시 기준 그룹 설정You can check the group path that the user belongs to on the log page based on the selected group using the option.

Setting Method 1 - Select Synchronization Method in Security365 Management Center

  1. Log in to the Security365 Management Center.
  2. Go to the [Settings] → [Inbound Provisioning] menu.
  3. Select a synchronization method.
    • Microsoft Full Sync
    • Microsoft designated group synchronization
    • SCI Server synchronization

Setting Method 2 - Group Path Display Settings

  1. 경로 표시 기준 그룹 설정Activate the checkbox option.
  2. Select a path-based group. (Applicable only to Microsoft Sync.)
    • Full synchronization
      • An administrator sets up one top-level root group.
    • Designated group synchronization
      • When an administrator selects specific groups as synchronization targets, those groups are set as the top-level root groups.
  3. Proceed with synchronization after completing the automatic synchronization settings. (or manual synchronization)
Synchronization methodSelect Path Display Reference GroupGroup path output methodSpecial Notes
Microsoft Full Sync✅ PossibleOutput based on the selected group.Includes all users of the entire tenant
Microsoft designated group synchronization✅ PossibleOutput including only the selected group.Users outside the selected group cannot be included.
SCI Server synchronization✅ Possible, but direct selection is not necessary ❌Automatic output based on the top-level group.A structure where only one organization of the user exists.

Method 3 for Configuration - Check Group Path on the Log Page

  1. You can view the logs of the desired user in the [Log] menu.
  2. **부서**Check the affiliation group path in the column.
  3. You can search logs based on the user's group path.
    • For example: The path is __PH_0__.소프트캠프/영업부문/영업1팀/홍길동in case of,소프트캠프, 영업부문, 영업1팀Searchable by

⚠️ Caution - Points to Note When Setting Path-Based Group Configuration

  • If the reference group is set incorrectly, some users may not be able to see their group paths.
  • In Microsoft designated group synchronization, user data outside of the selected group is not included.
  • The SCI Server automatically sets the top-level group, so there is no need for separate selection.

User Authentication Settings

You can configure the user login authentication method.

Use Security365 certification

  • Users are authenticated with the Security365 ID and password.
  • Manually registered users can log in using Security365 authentication.

Use CSP authentication

  • Users are authenticated using Microsoft and Google accounts used in the organization.
    • Microsoft account authentication
      • Microsoft 계정 인증When used, on the login pageMicrosoft 로그인The button will be activated.
      • Users linked through Microsoft synchronization can log in to the Security365 service with their Microsoft account.
    • Google Account Authentication
      • Google 계정 인증When using, on the login pageGoogle 로그인The button will be activated.
  • as an authentication methodMicrosoft 계정 인증orGoogle 계정 인증If activated, when entering the ID on the login page, it will redirect to the login page of the linked service.

Use SSO Authentication (SAML)

  • SAML authentication is performed using the IdP managed by the organization.
    • To use SAML authentication, you need to configure IdP settings, SP settings, and Redirect URL settings.
    • If only SAML authentication is enabled as the authentication method, entering the ID on the login page will redirect you to the login page of that service.

If no authentication method is selected,Security365 인증, Microsoft 계정 인증, Google 계정 인증You can use all of them.

img

Log settings

You can regularly back up log data and store and manage archive files.

Log backup settings

  • Log backups are automatically executed according to the configured time zone and backup frequency.
  • The backed-up logs are stored as archive files containing data for the configured period.
  • If the number of saved files exceeds the specified maximum, the oldest files will be deleted.
  • Backup time and time zone settings
    • 로그 백업 주기You can set the interval at which log backups will be executed automatically.
      • Daily: Backups will be executed at the set time every day.
      • Monthly: Backups will be executed on the set date and time each month.
      • Every year: Backups are executed on the specified month, day, and specific time set each year.
    • 표준 시간대Users can set their own time zone.
  • Log collection period setting
    • 로그 수집 기간You can set the collection period for the logs to be included in the archive file.
      • The collection period starts from the day before the backup date and includes logs from the selected period.
      • Range of stored log data:
        • Collection start date: 00:00:00.
        • Collection end date: 23:59:59.
      • If the administrator selects "30 days":
        • Backup date: August 15, 2023.
        • Logs included in the file: from July 16, 2023, 00:00:00 to August 14, 2023, 23:59:59.
  • Archive File Management
    • 아카이브 파일 개수You can set the maximum number of archive files to be stored.
      • When exceeded, the oldest files will be deleted first.
      • For example, if set to a maximum of 10, the oldest file will be deleted when the 11th file is created.
    • 아카이브 파일 목록You can check the list of generated archive files and download them.
  • Backup log external transmission
    • When used, the generated log backup files will be automatically sent to the configured external storage.
      • SSH ID: Access Account ID
      • SSH PW: Access account PW
      • IP: Remote server IP address
      • Port: Remote server Port
      • Transmission target path: The absolute path where the log backup file will be stored (if the path does not exist, it will not be transmitted.)
    • 연결 테스트The save settings button will be activated only after the connection is successfully established with the button.
      • If the connection is successful, a connection test success message will be displayed at the bottom of the settings window.
  • Automatic deletion of the log files
    • When enabled, the backed-up original logs will be deleted and cannot be recovered.
    • When set to disabled, the original logs are not deleted and are retained.

Logo Settings

Login Page Settings

You can configure whether to display the logo and buttons on the login screen.

  • Logo
    • You can change the logo image displayed on the login page.
    • Click the edit icon on the right.이미지 변경By clicking the option, you can upload the desired logo image.
      • Supported file formats: PNG/SVG/JPG
      • Recommended size: Width 160 ~ 356px, Height 34px
      • Maximum capacity: less than 2MB
    • 기본 이미지로 변경Clicking will change it to the default login page logo.
  • Favicon
    • You can change the favicon image that will be displayed in the browser tab.
    • Click the edit icon on the right.이미지 변경By clicking the option, you can upload your desired favicon image.
      • Supported file formats: ICO/PNG
      • Recommended sizes: 16 X 16, 32 X 32
      • Maximum capacity: less than 500KB
    • 기본 이미지로 변경Clicking will change it to the default favicon image.
  • Tab Name
    • You can change the text that will be displayed as the title of the browser tab.
      • -, _, &Only special characters are allowed; others are not permitted.
  • Password Reset Button
    • on the login page비밀번호 재설정You can hide the button.
  • Sign Up Button (for on-premises only)
    • You can sign up for the Security365 service on the login page.등록하기You can hide the button.

Service-specific logo settings

You can set the GNB logo, browser tab name, and favicon to be displayed on each service screen. In the case of services that are divided into administrator/user pages, you can set them separately.

  • GNB logo
    • You can change the logo image in the top header of the console for each service.
    • Click the edit icon on the right.이미지 변경By clicking the option, you can upload the desired logo image.
      • Supported file formats: PNG/SVG/JPG
      • Recommended size: Width 140px, Height 30px
      • Maximum capacity: less than 2MB
    • 기본 이미지로 변경Clicking will change it to the default page logo.
  • Favicon
    • You can change the favicon image that will be displayed in the browser tab.
    • Click the edit icon on the right.이미지 변경By clicking the option, you can upload your desired favicon image.
      • Supported file formats: ICO/PNG
      • Recommended sizes: 16 X 16, 32 X 32
      • Maximum capacity: less than 500KB
    • 기본 이미지로 변경Clicking will change it to the default favicon image.
  • Tab Name
    • You can change the text that will be displayed as the title of the browser tab.
      • -, _, &Only special characters are allowed; others are not permitted.

Settings

You can selectively display only the necessary menus according to the organization's usage environment and hide unnecessary menus to simplify the management screen.

Feature Overview

You can select the menus to be displayed on the Security365 Portal admin page. You can hide unused menus to simplify the management screen and enhance usability.

Required Menu

The following menu is a mandatory menu and will always be displayed.

  • User, Administrator, Group, License, Condition Item, Log, Settings
  • System Monitoring (Displayed when setting up in On-Premise environment)

⚠️ Display Restrictions by Administrator PermissionsThe license menu is only displayed with super administrator privileges.

Selection Menu

This is a menu where you can choose whether to display or not.

Using the Home Menu

  • DescriptionThis is the home screen menu that displays the dashboard and overall status.
  • When not in useAfter logging in, the first screen will navigate to the first available menu.

Using the Security Classification Label Menu

  • DescriptionThis is a menu for managing data classified by grade and label.
  • When usingYou can register labels to be used for data classification in each service.

Using the Conditional Policy Menu

  • DescriptionThis is a menu for managing login authentication policies by service.
  • When not in use: All users can access with only ID/PW authentication.
  • When usingYou can set up an authentication policy with applied conditions.

Use of approval service

Approval service usage status

  • **Used (ON)**The approval service is activated, and the approval process proceeds according to the policies set in the linked service.
  • Not in use (OFF): The approval service is disabled, and the approval process is not available.
승인서비스는 연동된 서비스에서 발생하는 승인 요청을 통합 관리하는 서비스입니다. 
미사용으로 설정하면 연동 서비스에서 승인 요청이 차단되며, 사용자페이지에서 승인서비스 관련 메뉴도 표시되지 않습니다.