Security settings
ENVIRONMENT: Datto Partner Portal
This article describes how to manage IP addresses on your account's Security Settings page in the Datto Partner Portal.
Users with Administrator-level accounts can manage IP addresses on the Security Settings page.
- Security Settings are currently only available for users that have a single Datto account tied to an email address. We will support users that have multiple Portal accounts in the near future.
- Users must be assigned the Security Admin role to access this page.
- Options on the Security Settings page will affect this reseller and its employees only.
Accessing the Security Settings page
In the Datto Partner Portal, navigate to Admin > Manage Security Settings.
Using Security Settings
The Security Settings page allows administrators to:
- View the IP addresses most frequently used to access their accounts from within their company
- Allowlist frequently used IP addresses for streamlined account access with fewer authentication requests
- Blocklist IP addresses that do not have permission to access internal accounts
- Set custom email alerts to warn specified users when malicious IP addresses attempt to log into internal accounts
Updates made to the Security Settings page apply to all accounts under the company.
Multifactor Authentication
The Multifactor Authentication section on the Security Settings page shows your company's MFA status. Refer to Getting Started with Multifactor Authentication (partner login required) to learn more about setting up mfa for your company.
Managing Login Addresses
Frequently used IP addresses
The Datto Partner Portal automatically detects the IP addresses from which logins most commonly occur. The Frequently Used IPs card displays:
- The login IP address
- The username associated with that IP address
- The physical location from which the login occurred
- Your current IP address, with the option to allowlist it
Allowlisting IP addresses
Employee users logging in from trusted IP addresses can be allowlisted, allowing the user to bypass MFA for three weeks. Click the Allowlist link under Manage IP Login Addresses to allowlist an IP address. Click the trash can icon next to an IP address (line item) to remove allowlisting for that address.
NOTE Allowlisting is only available for employee accounts, not organization accounts. On their first login, allowlisted users will still be required to complete the MFA process.
Blocklisting IP addresses
You can blocklist IP addresses that you wish to keep separate from Datto, preventing users on those networks from logging into internal accounts. Click the Blocklist link under Manage IP Login Addresses to blocklist an IP address. Click the trash can icon next an IP address (line item) to remove blocklisting for that address.
Active Session Management
The Active Session Management section on the Security Settings page shows you the details for all users currently logged into the Partner Portal.
- Use the search field to find a specific user.
- Click the END ALL SESSIONS link to terminate all current user sessions.
Email Alerts
In this section, you can specify which members of your company should receive email alerts when users attempt to log into the Partner Portal. Refer to Datto Partner Portal: Configuring login alerts to learn more about this feature.
Datto Threat Intelligence
Our Datto Threat Intelligence feature automatically blocks traffic from known Tor nodes and blocklists their IP addresses. Refer to Datto Partner Portal: Tor Node Blocking With Datto Threat Intelligence to learn more.