Security within your HubSpot portal should be a top priority for your technical and administrative teams. With the release of the new HubSpot Security Center, you now have an easy way to monitor top security measures to ensure you keep your portal safe.
Understanding your account's level of security used to require you to visit several different settings pages, and routinely monitor your users' security preferences. For large businesses, staying up to date on these security measures can require a lot of dedicated time each month, and can often cause potential risks to go unnoticed or ignored.
How to Get to the Security Center
Once you are logged into your HubSpot account:
- Navigate to the Settings
- Click into Account Defaults
- Select the Security tab
- Click the orange Visit the Security Center button
What do the measures mean?
HubSpot has highlighted six key security measures upon the release of the Security Center. You can view your overall account score as a whole as well as where your account may require additional attention. Explore these measures below.
1. Is two-factor authentication (2FA) required for your account?
2FA is a great way to protect your HubSpot account from unauthorized access. It’s highly recommended to require all users enable 2FA. You can learn how to require 2FA in your HubSpot account in this helpful article.
2. What percent of users have 2FA set up?
When more users in your HubSpot account who have 2FA enabled, the more protected your account is from unauthorized access. Use this metric to easily find users who need a reminder to enable 2FA.
It is quite common for HubSpot portals to be overwhelmed with Super Admins because it is one of the easiest ways to add a new user to your portal, especially when you don’t know what permissions they may need right away. However, it is recommended to limit how many users are super admins to minimize risk.
3. What percentage of your users are super admin?
4. How many super admins does your account have?
It is highly recommended to limit permissions so users have access only to the tools they need. A lower percentage of super admins compared to overall users helps ensure your users don’t have too much access to account-wide settings that could cause risk.
5. Do you have any partner users who are super admins?
Providing your partner users with super admin access could allow them to view and manage billing, add and delete users, and perform tasks that can add risk to your account. Like internal users, super admin permissions for partner users should also be limited to reduce risk. Generally, it’s recommended to provide super admin permissions only when necessary.
6. Does your account have any inactive users?
If any of your HubSpot users have not logged into their account in the past 90 days, HubSpot considers them inactive. HubSpot recommends limiting access to only those who actively need to be in your portal.
Using the Security Center
This new feature is a great step forward in giving you more control over your HubSpot account security. HubSpot admins or those in control of account security should use this new Security Center to continually monitor potential risks to keep your portal safe and ensure your users have access only to the tools they need. For more tips on managing your HubSpot account and other digital marketing tips, subscribe to the Blue Frog Blog.