In an effort to enhance security to our system, Southwestern Payroll will be implementing an enhanced security login structure as outlined below. The change applies to all users within the system, regardless of whether it’s an administrator with full privileges or an employee using the ESS portal. Our goal is to provide not only world-class technology, but world-class security as well.
As all of you are aware, there are frequent news reports of security breaches at large and small companies and governments around the globe. With several high profile data breaches, including the most recent one involving the breach of the federal employee database, employers might be wondering – is there still something we can do better to protect our employees’ data?
The answer is absolutely YES. This is why we are implementing these enhanced security measures to protect the data of your company and employees.
We encourage you to share this information with your staff and employees. Many of them may already be familiar with this kind of process using online banking or other logins, as many banks now have such secure login practices.
ADMIN Summary: Enhanced_Security_Requirements
EMPLOYEE Posting of Security Requirements
MFA Manager Approval
Note: Please share this “EMPLOYEE Posting” document with your employees.
Below is a Summary of the Changes
1. Enhanced Password Standards:
Going forward, your password must contain a minimum of 8 characters and include at least one of the following:
- Uppercase Letter
- Lowercase Letter
An example would be: Password1$
2. Multi-factor Authentication:
Multi-factor Authentication adds an additional level of security. After you enter your username/password and click login, if the system does not recognize this computer as one you have used in the past, the system will require a second form of authentication before you can continue. A code will be emailed or texted to you, which you will then enter to access the system.
The security combination factors are as follows:
- Password = something you know
- Code = something you have
What Will Happen On Thursday Morning?
Step #1: Users should start the login process as usual. After you successfully enter the username and password, the system will prompt you for a new password (even if your current password already meets the new standard). The password criteria will have to meet our new standards outlined above. (There will be on-screen instructions advising users of the new requirements).
Step #2: After changing the password, you will be prompted to configure the Multi-Factor Authentication Settings. Up to three methods can be configured for receiving the code, as follows:
- SMS Mobile #: Will be used to send codes via text message (preferred method)
- Email: Will be used to send codes via email address
- Voice Phone #: Will be used to send codes via phone call
You may choose to enter all 3 or only 1.
The system will have pre-filled any phone or email that is already listed in your account. However if you want to use another phone/email for the purpose of receiving the code, those fields can be overwritten with new information. When done, click save.
Once this step is completed, you will be logged in to the system. (If you change your email or phone number in this process, it will not replace or update information entered in your employee profile, this is used strictly for code authentication).
Next time you log in, the system will list the methods you have selected in the setup process, you will be able to select one of those. The system will generate a random 6 digit code and send it to you, after entering the code; the system will validate the number and grant access to the application.
Important: If this is your office or home computer that you will use in the future to login, you should check the box to remember this computer. This will avoid the code requirement on future logins from “this computer”.
Note: Password Change and Multi-factor authentication Will NOT be required when using Web Clock. However when you login next to the system portal, the system will prompt you to change the password and setup the new Multi-factor authentication; you will then have to use that new password for Web Clock as well.
Mobile users will be required to change their password as well according to the same guidelines. However for the mobile app, the system will not enforce the MFA code authentication. You will be able to login on the mobile app with the username/password only since it does not access the larger data system directly.
We appreciate your cooperation and understanding. We recognize that it might be a small inconvenience during the transition, but it is a big step in the right direction to protect your company and employee data.
If you have any questions please do not hesitate to call 918-388-3320 or email your account representative or email@example.com and we will be glad to assist you.