Commonly accepted IT security measures generally advise against sharing logins, and we at Khoros adhere to the same belief and practices. By keeping unique and discrete logins for each user in your organization, you minimize risk and help us provide you with the highest degree of service and security.
Most shared usage starts as a temporary solution to an access problem. A coworker needs access to a certain report or to perform a specific task. It seems easier to share existing account info than to create a new ID. That logic ignores the downstream impact and the risks involved.
Many users may not even realize the security risks and potential consequences of sharing account credentials and passwords. There are three main areas of risk:
By creating unique accounts for each of your organization s users, you can take full advantage of the support and security Khoros provides.
Maintaining individual accounts within Khoros also allows you to take full advantage of our data protection and security measures. Just like with Support, our Security and Risk teams have less insight into the individuals using shared accounts. This directly affects our team's ability to respond quickly and accurately to potential security incidents, including errant posts and comments to your brand accounts or confidential data leaks. The Khoros platform supports security controls such as password expiration, inactivity timeout, absolute timeouts, and Single Sign-On (SSO) that are only effective with individual, unique user accounts.
Khoros Support uses all available account information when managing support requests in order to better serve you. When these logins are shared or generic, we have less insight into the individuals on your team accessing the platform through the single account. If, for example, a shared login is connected to a team email, and a user from your team sends a support request from their individual email account, our system is unable to automatically connect the request to the appropriate account within Khoros. This creates unnecessary delay in investigating any issues you report or helping you troubleshoot specific questions. However, when all individual users on your team have Khoros logins associated with their own email addresses, it s much easier for us to quickly connect users with their instances, permissions, and account settings when providing support.
Many other Khoros features have been designed with individual user accounts in mind. Functionality like approval teams and workflows, auto-assignment rules, and customizable roles and teams give you the flexibility you need to tailor your Khoros instance to your unique organization. These features and more take advantage of fine-grain user-level configuration only possible through the use of individual, not shared, accounts.
Need to make changes to your user setup? Company admins can check out this article on how to add, remove, and manage users to get started creating new users within your instance. If you need additional licenses to get full value from your software investment, please contact your Strategic Sales Director. They can assess your current license setup against your needs and offer you a solution.
If you are not sure if you have shared logins, please contact Khoros Support and they can help with a quick audit to provide additional information.