User Security Requirements

Every user of the system is required to abide by a simple set of security requirements to ensure the integrity and confidentiality of the data stored within the system.

API Credentials

In some instances, you maybe be granted access to use the CopyCentral API. This can be used to connect systems directly to CopyCentral and requires a separate contractual agreement in place which governs the exact use of this and the data.

If you have been provided with CopyCentral API login credentials these must not be shared outside of your organisation. If you are unsure, please speak with us.

Super Users

A company must be registered with the system in order for one or more members of its staff to have access. Every company must have at least one registered and active super user at all times. The super user(s) for a company are responsible for all administration of the company's user accounts, including creating new accounts and disabling those who have left. It's recommended that this right is only granted to those who need it to fulfil the company's obligations, rather than being given to all users.

Unique User Accounts

Every user must have their own unique account. The use of accounts that are not unique to an individual but are shared by multiple people or are registered to a shared mailbox or address are strictly forbidden. Sharing your account details with anyone else or accessing the system with someone else's login credentials is also strictly forbidden. Where this is identified, Clearcast will disable all accounts involved and reserves the right, at its discretion, to permanently disable user and/or company accounts as it sees fit to ensure the security of the system.

Password Requirements

Every user is responsible for keeping their account, and the data that it has access to, secure. All passwords must meet the following requirements:

  1. Passwords cannot contain the user’s account name or parts of the user’s full name that exceed two consecutive characters.
  2. Passwords must be at least eight characters in length.
  3. Passwords must contain characters from three of the following four categories:
  4. English uppercase characters (A through Z).
  5. English lowercase characters (a through z).
  6. Base 10 digits (0 through 9).
  7. Non-alphabetic characters (for example, !, $, #, %).

In addition, you should not use the same or similar password for any other online system. If one site is compromised, it could make it easy for access to be gained to another.

Contact Details

As part of your system account, we keep your contact information, which is important should we ever need to make urgent contact regarding the system and its security. Every user must make sure that this information is up to date at all times. Additionally, there are several other non-mandatory mailings that you can "OPT IN" to if you choose. This can be done from your user profile.