We are excited to announce a series of updates designed to enhance the security and usability of our platform. These changes are part of our ongoing commitment to provide a secure and efficient service to all users. Below, you'll find details on the upcoming enhancements and how they will improve your experience.
New Login Protocol Implementation
To bolster our application's security, we are introducing a new login protocol. This update is critical for maintaining the integrity and safety of user data.
Key Updates Include:
Enhanced Password Policy: Aligning with our commitment to security, we're implementing a more robust password policy. Users will be required to update their passwords to adhere to these new guidelines, ensuring enhanced protection against unauthorised access.
Multi-Factor Authentication (MFA): Over the coming months we’ll be shifting to a mandatory ‘multi-factor authentication'. In line with the latest recommendations from the National Cyber Security Centre, multi-factor authentication will become a requirement for all users. This additional layer of security ensures that account access is granted only to verified users, significantly reducing the risk of compromise. When logging into Hero, you will need to provide a ‘second-factor’ password, either via email or an authenticator app.
Multi-Tenant Login Capability: Recognising the needs of users who manage multiple accounts (e.g., PCN Managers), we're introducing a multi-tenant login feature. This will allow designated users to switch between different accounts seamlessly, without the need to log out and log back in. This feature aims to streamline the management of multiple accounts, making it easier and more efficient.
Infrastructure and Compliance Updates
Sub-Processor List Update: As part of our security enhancement efforts, we're updating our list of sub-processors to include Kinde, which supports our multi-factor authentication feature. Kinde utilises UK-based servers, ensuring that our data handling practices comply with local data protection regulations.
For detailed information on our updated sub-processor list and how we work with these entities to deliver our services, please refer to our support documentation here.
These updates mark a significant step forward in our journey to provide a secure and user-friendly platform. We believe these changes will not only enhance security but also improve the overall user experience on our platform. Should you have any questions or need further clarification, please do not hesitate to reach out to our support team.