To bolster our application's security, we have a new login protocol. This update is critical for maintaining the integrity and safety of user data.
Enhanced Password Policy: Aligning with our commitment to security, we're implementing a more robust password policy. Users will be required to update their passwords to adhere to these new guidelines, ensuring enhanced protection against unauthorised access.
Multi-Factor Authentication (MFA): Over the coming months we’ll be shifting to a mandatory ‘multi-factor authentication'. In line with the latest recommendations from the National Cyber Security Centre, multi-factor authentication will become a requirement for all users. This additional layer of security ensures that account access is granted only to verified users, significantly reducing the risk of compromise. When logging into Hero, you will need to provide a ‘second-factor’ password, either via email or an authenticator app.
Multi-Tenant Login Capability: Recognising the needs of users who manage multiple accounts (e.g., PCN Managers), we're introducing a multi-tenant login feature. This will allow designated users to switch between different accounts seamlessly, without the need to log out and log back in. This feature aims to streamline the management of multiple accounts, making it easier and more efficient.
Infrastructure and Compliance Updates
Sub-Processor List Update: As part of our security enhancement efforts, we're updating our list of sub-processors to include Kinde, which supports our multi-factor authentication feature. Kinde utilises UK-based servers, ensuring that our data handling practices comply with local data protection regulations.
For detailed information on our updated sub-processor list and how we work with these entities to deliver our services, please refer to our support documentation here.
