Last verified: 2026-05-19

Security overview

Tenant security settings, auditability, device trust, and network controls.

Hub route

/admin/security — Security Dashboard

Staff mirrors under /staff/security/* when permitted.

Sub-areas

Steps — review audit activity

1. Open Security → Audit (or /admin/security/audit).
2. Filter by user, action, or date.
3. Investigate suspicious changes (staff role edits, payout setting changes).

Steps — restrict by IP (optional)

1. Enable enableNetworkRestrictions on plan.
2. Configure rules at /admin/security/network.
3. Add exemptions for roaming admins at /admin/security/network-exemptions.

Per-screen steps

Security settings (/admin/security/settings)

1. Open Security → Settings.
2. Review password complexity, session timeout, and MFA requirements.
3. Save changes; notify staff if policies tighten.

Audit logs (/admin/security/audit)

1. Requires enableSecurityAuditLogs on plan.
2. Filter by actor, resource, or date range.
3. Export or screenshot entries for compliance tickets.

Trusted devices (/admin/security/devices)

1. List devices that accessed the dashboard.
2. Revoke trust for lost or unknown devices.
3. Ask affected users to sign in again and re-register.

Network restrictions (/admin/security/network)

1. Add allowlist CIDRs for office IPs.
2. Test from allowed and blocked networks before enforcing block mode.
3. Document fallback access via exemptions.

Related articles

• Invite and manage staff
• Permissions matrix