Microsoft O365 for Authentication
I tried the O365 Authentication, which is an interesting new feature. One benefit I expected was that if an employee was terminated and their account disabled, they would be prevented from accessing Insightly along with the other O365 products.
It looks like what's actually happening is I can use that email address to login using Insightly OR O365 authentication -- meaning a terminated employee could login using their Insightly password, even if their O365 account was disabled.
Just want to understand if there is a way to default to O365 auth or if I should think about this as an end-user convenience, but not a security feature.
Comments
Hi Hamel - great question. You are correct, the login with Office 365 is ultimately more about the convenience and time saving rather than security as it is not tied to your active directory and is not a security feature.
We do offer SAML SSO on our Enterprise Plans and two factor authentication.
Here is a link to our Azure AD integration: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/aad.insightly?tab=Overview
Why is a standard security feature only available with your premium plan?
Please sign in to leave a comment.