Security settings

ENVIRONMENT: Datto Partner Portal

This article describes how to manage IP addresses on your account's Security Settings page in the Datto Partner Portal.

Users with Administrator-level accounts can manage IP addresses on the Security Settings page.

Security Settings are currently only available for users that have a single Datto account tied to an email address. We will support users that have multiple Portal accounts in the near future.
Users must be assigned the Security Admin role to access this page.
Options on the Security Settings page will affect this reseller and its employees only.

Accessing the Security Settings page

In the Datto Partner Portal, navigate to Admin > Manage Security Settings.

Using Security Settings

The Security Settings page allows administrators to:

View the IP addresses most frequently used to access their accounts from within their company
Allowlist frequently used IP addresses for streamlined account access with fewer authentication requests
Blocklist IP addresses that do not have permission to access internal accounts
Set custom email alerts to warn specified users when malicious IP addresses attempt to log into internal accounts

Updates made to the Security Settings page apply to all accounts under the company.

Multifactor Authentication

The Multifactor Authentication section on the Security Settings page shows your company's MFA status. Refer to Getting Started with Multifactor Authentication (partner login required) to learn more about setting up mfa for your company.

Managing Login Addresses

Frequently used IP addresses

The Datto Partner Portal automatically detects the IP addresses from which logins most commonly occur. The Frequently Used IPs card displays:

The login IP address
The username associated with that IP address
The physical location from which the login occurred
Your current IP address, with the option to allowlist it

Allowlisting IP addresses

Employee users logging in from trusted IP addresses can be allowlisted, allowing the user to bypass MFA for three weeks. Click the Allowlist link under Manage IP Login Addresses to allowlist an IP address. Click the trash can icon next to an IP address (line item) to remove allowlisting for that address.

NOTE Allowlisting is only available for employee accounts, not organization accounts. On their first login, allowlisted users will still be required to complete the MFA process.

Blocklisting IP addresses

You can blocklist IP addresses that you wish to keep separate from Datto, preventing users on those networks from logging into internal accounts. Click the Blocklist link under Manage IP Login Addresses to blocklist an IP address. Click the trash can icon next an IP address (line item) to remove blocklisting for that address.

Active Session Management

The Active Session Management section on the Security Settings page shows you the details for all users currently logged into the Partner Portal.

Use the search field to find a specific user.
Click the END ALL SESSIONS link to terminate all current user sessions.

Email Alerts

In this section, you can specify which members of your company should receive email alerts when users attempt to log into the Partner Portal. Refer to Datto Partner Portal: Configuring login alerts to learn more about this feature.

Datto Threat Intelligence

Our Datto Threat Intelligence feature automatically blocks traffic from known Tor nodes and blocklists their IP addresses. Refer to Datto Partner Portal: Tor Node Blocking With Datto Threat Intelligence to learn more.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.