Hey Syncro Community,
I recently released a message on behalf of the Syncro team relating to security. We’ve always cared a lot about security. In fact, I think we were the first RMM to require MFA. At the same time, the landscape of MSP platform security has changed, and more scrutiny is being placed on companies developing the core tools you use to run your business.
I’m happy to share that we’re following through on these efforts, and the first item that went live is an improvement to our multi factor authentication system.
TLDR; All users under your account will now be prompted for MFA at least every 30 days on all devices. You can head over to Settings -> Employees if you want to shorten the duration even further!
Under the existing Employee Settings, you could shorten the default MFA timeout of 30 days to be something more aggressive. The way it worked in the past was that it would only be triggered if you closed all of your browser tabs (ending that session). Now we’ve adjusted it so that it checks on every web request and will interrupt to prompt. This is a huge win for those who want to make sure old sessions can’t stick around without you re-authenticating them more frequently.
We realize it would be even better if you could log other sessions out with a click in the web interface, and don’t worry, that change is coming soon too! You’ll be able to see the other logged in sessions and log them out, coming later this year.
In addition, we do have some more coming down the pipeline, such as IP Allowlist improvements, SAML, and more. Stay tuned!
Chief Technology Officer