We've Released Some New Security Features... Again! 🔒

security

#1

Here at Unbounce, we aim to take great care of our customers and their security with built-in safeguards, which is why we’ve released some new security features… Again!

You might remember our update a few months ago when we added web session timeouts and password enhancements, we mentioned that several other security features were coming down the pipe.

Next time you sign into your Unbounce account, you’ll notice a few of these updates, and I’m here to tell you all about ‘em!

New Security Features :lock:

Single Sign-on

Google Single Sign-on (SSO) is designed to help keep track of all the users of a given account in a centralized platform. Available on all plans, all Unbounce customers can now use their Google accounts and credentials to log into Unbounce!

security

In short, it just got way easier to manage verified users on your Unbounce account from one, central directory. You’re welcome, IT managers :+1:

Security Features For Enterprise Plans

Two-Factor Authentication (2FA)

2FA is designed to authenticate users’ identity with their mobile device in addition to their username and password, making it difficult for attackers to exploit vulnerabilities.

Available on our Enterprise plans and above, you can now add an extra layer of protection to the login flow with an authenticator app.

Google Authenticator is very popular (the Unbounce team uses this!), but you can use any of the following in line with your company’s IT policies:

We’re now one of the only conversion marketing platforms with two-factor authentication built right in (so you don’t have to go through integrations or workarounds to comply with your IT manager’s wishes!)

Audit Logs

Audit logs are a centralized stream of user activity within a team, available for Enterprise plans or higher. To access it, click the name in the top right corner of an account, head to “Manage Account” and then click “Audit Logs” in the left navigation under “Account Overview”. Download the entire audit log as a .CSV report.

With Audit Logs, you’ll be able to track the following:

  • Page/Convertable Published
  • Page/Convertable Saved/Modified (any variant)
  • Page/Convertable Created (1st variant)
  • Page/Convertable Unpublished
  • Page/Convertable Deleted
  • Page/Convertable Copied
  • Page/Convertable Name Changed
  • User Invite sent / re-sent
  • User invite declined
  • User invite accepted

This is designed to help large enterprise clients control and monitor the access of information within the organization (by multiple users or clients). Audit Logs can be used to detect suspicious activity or to playback account activity (for example, during an incident review).


Let us know with a comment below :point_down: if you have any questions about these security updates. We hope you love these new features!


#2

#3

Hi,

Your security features are great. But is it really true when you say that you like ”to take great care of our customers and their security”?

What i mean is that if you really did, then all SECURITY features would be available on all plans, not only extra-premium-super-enterprice-plans.

It you love to ”offer security for some” then its the way to go, but if you truly like ”to take great care of our customers and their security”, then its not. Security should be offered to everyone…

Best Regards

Mats


#4

Just wondering…who are your customers?


#5

Hey Mats!

To answer your question, I absolutely do believe that we take great care of our customers and their security.

No matter what plan a customer is on, they have access to many security features that are incredibly effective, and our team has worked hard to keep that way for all of our customers.

Just last year we released Password Enhancements, Timeout Web Sessions, More Secure Email Validation, RestfulAuth to Devise (an upgraded version of how we handle authentication within the app) and Stronger Domain Ownership Validation, which are available on all plans. Our team spends a lot of time working on features like this that are hidden, but have a large impact on the security of our app.

That said, there are definitely some features that are more appropriate for certain plan levels. For example, Enterprise plans are best for marketing teams and agencies that work with a large number of traffic, pages and/or clients; that need to get a large or complex team up and running quickly; and for those that are planning on scaling their marketing campaigns and would like personalized support to succeed. Greater security is typically required for organizations that fulfil these criteria which is why Audit Logs and 2FA are available on Enterprise plans only.

Security is definitely not something that we take lightly here, and I’m glad to see you’ve taken notice of our update. If you have any questions about these security updates that I’ve mentioned above, please don’t hesitate to reach out. I’d happily loop in members of our development team to go into a bit more detail of our features.

All the best! :slightly_smiling_face:

-Jess


#6

Hi Sandy!

I’m afraid I don’t understand the question. Would you mind unpacking that a bit for me?


#7

Certainly. In an email letter sent to my email address, you referred to your customers. Since I’m not a customer, but received a letter about them, I was wondering who the customers are.


#8

Oh! I can definitely clear that up.

If you’re getting email notifications from the community here, it’s because you’ve created an account and have customized settings that will send you updates.

It looks like you’ve been signed up for our community since August 2016. If you’d like, I can help you disable the email notifications. I’ll send you a DM :slight_smile:


#9

Thanks a lot for your answer. :slight_smile:


#10

I would like to know who your customers are. Does that question cause you to think I want to unsubscribe from your mailing list?


#11

Hi Sandy, in public posts in the community, we do not share who our customers are for privacy reasons.


#12