Noah ES Best Security Practices

  1. Noah ES will send alert emails to notify and confirm that an event or change has happened. The emails will be sent to different users and user groups depending on the change. Administrative accounts will get emails for all user account events. Examples include:

    1. First time a Noah ES user account logs in to Noah ES

    2. First time login to Noah ES on a specific device

    3. Noah ES User Type is changed. For example, Noah ES Administrator accounts are notified if a user is moved from Level 2 to Level 1.

To be alerted to these changes, make sure that all Noah ES user accounts are able to receive emails from noah-es.com.

See information on errors with Noah ES email links here:

Issues/Errors with links in Noah ES generated email messages - Noah ES Support Portal - HIMSA's Confluence (atlassian.net)

2. Routinely review the Activity log for appropriate and possible signs of inappropriate activity. The Activity log can be viewed in the Noah ES Portal.

 

 

3. HIMSA recommends that each user login to a PC with their own Windows credentials. In this case, when finished in Noah ES you will be able to close Noah and login again without re authenticating.

If you use a shared computer, when finished in Noah ES, each user will need to ‘Log Off Noah ES’ after each use as well as close the internet browser. Then the next user will log in and authenticate with Noah ES. See more information on Log Off feature here:

https://himsanoah.atlassian.net/wiki/spaces/NESP/pages/1735655529

4. Administrators also have the option to enable MFA (Multi Factor Authentication) for each user - there is no extra charge, requires phone or text.

To setup or change the phone number on record, navigate in the Noah ES Portal to Account, My Account, and then Manage MFA.

 

The setting to enable or disable MFA per Noah ES user is in the Portal under Manage Users.