Keeping your system secure and your client and medical data safe is of the utmost importance, so PPS and PPS Express include a few features to help you ensure that your system is as secure as possible.
The following guide gives you an introduction to the Security features available in PPS v4.0.88 and above as well as a general run-through of controlling and resetting passwords for your users.
Section 1 - Password Complexities
A. Minimum Password Requirements
Certain minimum password requirements apply to PPS and Express logins. These password requirements depend on whether you have Two-Factor Authentication enabled on your logins. For more information on Two-Factor Authentication, please see Section 3 below.
If 2FA is enabled
If you have 2FA enabled, you can set a 'Standard' security level password which must be between 8 and 64 characters long and may contain letters, numbers, spaces and special characters.
If 2FA is not enabled
If you do not have 2FA enabled, you will be required to set a 'High' security level password which must be between 12 and 64 characters long and may contain letters, numbers, spaces and special characters.
If your current password does not meet these requirements, you will be prompted to update your password the next time you log in.
2FA can be enabled for each user that accesses PPS Express. When turned on, you will be prompted for your password and your 2FA code when logging in to PPS Express.
B. User Credentials & Login Authentication Options
You can also set global Password Complexities for all users in your system, forcing users to choose a password that meets certain minimum criteria.
To access these settings, navigate to Tools > Options > General System Options > Security.
Please Note: Only the System Administrator can access and modify this screen.
Open this screen, select the required password complexity, then select Apply and then OK. This applies those requirements and encrypts all of your PPS passwords.
If you change the required complexity in this screen, any users whose passwords do not meet the complexity will be prompted to change their password when they next sign in.
C. Applying Password Complexities to Individual Users
In addition to making blanket changes from the Security screen, you can configure complexity requirements on an individual user basis when logged in as the System Administrator. To do this, navigate to Tools > Set Up Practitioners and System Users and double-click the user you want to set a different complexity for.
In the Log In Details tab, you can choose to set a different complexity for this individual user or practitioner. It is only possible to set a complexity ranked higher than the one presently applied to the general system.
If you change a user's individual complexity setting and their current password does not comply, they will be prompted to change it to one that does when they next log in.
Please Note: For all systems on v4.0.88 and above, all passwords are case-sensitive. Login IDs are not case-sensitive.
Once you've changed the password complexity, either system-wide or for an individual user, a check is performed at the next login to see whether the current password matches the required complexity. If it does not, the user logging in will be prompted to reset their password.
If they enter a new password that does not match the new requirement, they will receive a prompt advising of the complexity that needs to be applied.
The same prompts will appear if the administrator goes to reset a user's password via Tools > Set Up Practitioners and System Users.
Section 2 - Advanced Login Options
The first of these settings applies only to standalone PPS Local systems where users are accessing the system on a domain for which they have individual logins that they would like to use for PPS.
You will not be able to use this option if you sync with a PPS Hosted system or a local system on a different domain. The settings will synchronise and will be inapplicable on the syncing systems, and your access will be affected.
Contact our support team via support@rushcliff.com if you are unsure whether this option will work for you.
Enable this method of logging in here, then navigate to each individual user profile via Tools > Set Up Practitioners and System Users and add the domain details in the Log In Details tab.
The second option shown above, regarding the external third-party library, allows third-party programs to store PPS login details. This requires a custom application for your system. Contact our sales team via sales@rushcliff.com to register any interest in this feature.
Section 3 - Two-Factor Authentication
For added security, we recommend that you set up Two-Factor Authentication (2FA) on your PPS login.
2FA provides an extra level of security on your login, meaning that if your device is stolen or lost, or your password is accessed, you still have a second layer of security protecting access to your sensitive PPS data.
With 2FA enabled on your PPS login, you will log into PPS with your normal username and password and then you will be prompted to enter a code that is emailed or sent via SMS to your nominated details.
A. Two-Factor Authentication in PPS
For more information on setting up 2FA in PPS please read this guide.
B. Two-Factor Authentication in Express
For more information on setting up 2FA in PPS Express please read this guide.
Section 4 - Hosted Password Requirements
If you have a PPS-hosted system, you will be logging into PPS through the Microsoft Remote Desktop connection.
You will have a password that is set up by PPS Support that will also need to meet certain requirements.
If you reset your PPS Hosted password, you will need to ensure that the new password meets the minimum length requirement of 12 characters.
For steps on how to reset your password, please read this guide.
Section 5 - Tips for keeping secure
A. Choosing a secure password
Top cyber security specialists recommend using a passphrase. A passphrase is a combination of words that form a memorable phrase.
You could create your own passphrase by combining three random words. This way you can create a password that's 'random enough' to keep your login secure, but also 'easy enough' for you to remember.
Read this blog by the National Cyber Security Centre, the government body involved in Cyber Essentials, for more tips on creating a passphrase and why they are so secure.
B. Lock the PPS screen after a certain period of inactivity
The PPS System Administrator can add a setting to lock the PPS system for a specific user after a certain amount of inactivity. This ensures that if the user steps away from their computer, the system will lock without actually logging the user out of PPS, requiring them to enter their password again.
This setting can be found by going to Tools > Set Up Practitioners and System Users > select the user > Modify > Security.
C. Do not share login credentials
All users should be issued their own login for PPS and Express so that users don't have to share any login details.
PPS and Express allow you to add unlimited users/practitioners/diaries to your system, and you are only charged for concurrent users - the number of users that will be logged into each system at one time. So you should be able to ensure that each user has their own unique and secure login details.
For setting up users in PPS, you can read this guide, and for setting up users in PPS Express, you can see this guide.