Palace Data Security Overview 

We would like to remind you that phishing attempts are still prevalent, and we urge you to be vigilant in protecting your client and personal information. Scammers are becoming more sophisticated, and it can be hard to differentiate between legitimate correspondence and a phishing attempt. 

Whether it’s Palace, social media, or your online shopping accounts, your personal information is on the World Wide Web. As products and services continue to strive to amaze and innovate using modern technology, we thought it would be timely to reiterate a few quick tips and best practices to help keep your personal information safe online. Now, in no way, are we qualified cyber security experts, but we do know a thing or two about securing data and avoiding disaster. 

Advanced Security:

1. We highly suggest enabling Single Sign-On (SSO) to access Palace. This adds a layer of authentication when accessing Palace and protects your user login data. You can use Google or Microsoft Office SSO to log into Palace. Learn to set up SSO: Google Authenticator or Microsoft Office.
2. Taking your security one step further from single sign-on, the Multi-factor Authentication (MFA) process triggers a unique code in an authenticator app to give users access to their Palace account. You can implement MFA within your Google or Microsoft SSO accounts and connect them to Palace and have MFA protecting you today.
3. Bank approval workflow in Palace. What’s more sensitive than bank account details? We all know that thousands of bank accounts live in your Palace database, whether it’s for an owner, tenant, or supplier. The new 2-step approval workflow isolates the number of users that have the authority to make changes to bank accounts and enforces a 2-step approval process for all remaining users | Find out more here 

Intermediate Security:

1. Avoid saving your password to your browser. Using a third-party platform to save your passwords, such as Last Pass or 1Password helps keep your credentials more secure, and easily accessible.
2. When working remotely, whether it’s taking a meeting from the car, working from a café, or clearing some emails during a commute, be careful of the internet connections you use. Ensure you log out of sites and completely disconnect when leaving the area (applies to anywhere that offers free Wi-Fi, i.e. hotels and airports). We recommend not using public Wi-Fi connections, as they are generally not secure. 

The Basic Security:

1. Rule number 1: Don’t be that person that saves your username and passwords on your desktop using a sticky note, word doc, or even google sheets. Doing so allows anyone who can see them to impersonate you, and potential take malicious actions using those credentials.
2. Remember to lock your PC when leaving your desk. As with many other products, Palace automatically logs you out after 1 hour of inactivity.
3. Keep an eye out for phishing or misleading emails. These are getting harder to identify, but a good starting point is to verify the ‘senders’ details. If it’s an address that you’re not familiar with, then hit that delete button, or when in doubt, reach out to your IT team. To learn more about how to spot phishing emails, the Department of Internal Affairs has some advice here.