
FAQ: What are some user security best practices?

Maintaining security is a shared responsibility. Here are some best practices all Zudello users should follow:

  1. Strong Passwords:

    • If using password login (not SSO), create a strong, unique password for Zudello. Don't reuse passwords from other sites.
    • Use a combination of upper/lowercase letters, numbers, and symbols.
    • Consider using a password manager to generate and store complex passwords securely.
    • Change your password immediately if you suspect it might have been compromised. See Resetting Your Password.
  2. Two-Factor Authentication (2FA/MFA):

    • If your organisation enables 2FA/MFA (either via Zudello settings or your SSO provider like Microsoft Entra ID), always use it. It adds a critical layer of security beyond just your password.
  3. Log Out: Log out of Zudello when you finish your session, especially on shared or public computers.

  4. Beware of Phishing:

    • Be cautious of emails or messages asking for your Zudello login details. Zudello will never ask for your password via email.
    • Verify the sender address and website URLs before clicking links or entering credentials. Zudello login pages are typically on zudello.io or zudello.com domains.
    • Report suspicious emails to your IT department or Zudello support.
  5. Secure Devices: Ensure the computer or mobile device you use to access Zudello has up-to-date antivirus software and operating system security patches. Avoid accessing Zudello from untrusted public Wi-Fi networks without a VPN.

  6. Permissions Awareness: Understand the permissions associated with your role. Don't attempt actions you aren't authorised for. Report any unexpected access capabilities to your administrator.

  7. Delegation Management: If you delegate your approvals, ensure you delegate to a trusted colleague and set appropriate end dates. Remove delegations promptly when no longer needed. See Setting Up Approval Delegation.

  8. Report Suspicious Activity: If you notice any unusual activity on your account or suspect unauthorised access, report it immediately to your organisation administrator and/or Zudello support.

Following these practices helps protect your account and your organisation's sensitive financial data within Zudello.
