
Overview

AIBAMS is built on a Zero Trust architecture, but it is up to Admins to configure the policies that enforce security within their specific workspace.
  1. Go to Admin Settings → Security

Authentication Policies

Enforcing Two-Factor Authentication (2FA)

By default, 2FA is optional. We strongly recommend making it mandatory for all users.
  1. Locate the Two-Factor Authentication setting.
  2. Select Enforced for all users.
  3. Click Save.
Impact: Next time users log in, they will be forced through the 2FA setup process before they can access the dashboard. They must use an Authenticator App (Google Authenticator, Authy, etc.).

Password Policy

AIBAMS enforces a baseline strong password policy (12 characters, with upper-case, lower-case, number, and special character). Admins can increase these requirements.
  • Password Expiration: Force users to change their password every 90, 180, or 365 days.
  • Password Reuse: Prevent users from reusing their last X passwords.

Single Sign-On (SSO)

(Available on Enterprise Plans) Enterprise customers can bypass AIBAMS passwords entirely and use their own Identity Provider.
  • Supported protocols: SAML 2.0, OpenID Connect (OIDC).
  • Supported providers: Okta, Microsoft Entra ID (Azure AD), Google Workspace, PingIdentity.
To configure SSO, go to Admin Settings → Security → Single Sign-On and follow the provider-specific setup instructions.

Session Management

Control how long users stay logged in and how idle time is handled.

Session Timeout

Set the maximum duration a user can remain logged in without re-authenticating.
  • Default: 30 days
  • High Security Option: 12 hours or 24 hours

Idle Timeout

Automatically log users out if they are inactive for a specific duration.
  • Default: Disabled
  • Options: 15 minutes, 30 minutes, 1 hour, 4 hours.
If your team works with sensitive financial or health data, we recommend setting a strict Idle Timeout of 15 or 30 minutes.

Access Controls

(Available on Professional and Enterprise Plans)

IP Allowlisting

Restrict access to your AIBAMS workspace so it can only be accessed from approved networks (like your corporate office VPN).
  1. Go to Access Controls → IP Allowlist
  2. Click Add IP Range
  3. Enter the IPv4 or IPv6 CIDR block (e.g., 192.168.1.0/24)
  4. Toggle Enforce IP Allowlist
Ensure your own current IP address is in the allowlist before enforcing it, or you will lock yourself out of the Admin Panel!
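
One way to run the check this warning calls for before toggling enforcement, as an added example (not AIBAMS code or tooling): it validates each planned CIDR entry and reports which entry, if any, covers each admin address. The function names and the sample addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress

def preflight(allowlist, admin_ips):
    """Check planned CIDR entries against the addresses admins connect from.

    Returns (covered, problems): covered maps each admin IP to the entries
    that contain it; problems lists entries that should not be saved as-is.
    """
    networks, problems = [], []
    for entry in allowlist:
        try:
            # strict=True rejects entries with host bits set (e.g. x.x.x.7/24),
            # usually a sign that the address or the prefix was mistyped.
            net = ipaddress.ip_network(entry.strip(), strict=True)
        except ValueError as exc:
            problems.append(f"{entry}: not a valid CIDR block ({exc})")
            continue
        if net.prefixlen == 0:
            problems.append(f"{entry}: matches every address")
        networks.append(net)
    covered = {}
    for text in admin_ips:
        ip = ipaddress.ip_address(text)
        # An IPv4 address is never inside an IPv6 network, and vice versa.
        covered[text] = [str(n) for n in networks if ip in n]
    return covered, problems

def safe_to_enforce(allowlist, admin_ips):
    """True only if every entry is clean and every admin IP is covered."""
    covered, problems = preflight(allowlist, admin_ips)
    return not problems and all(covered.values())

# Constructed sample data (documentation address ranges, not real networks).
PLANNED = ["203.0.113.0/24", "2001:db8:10::/48", "198.51.100.7/24"]
# Assumption: these are the admins' addresses as the service sees them.
ADMIN_IPS = ["203.0.113.45", "2001:db8:10::5", "198.51.100.7"]

if __name__ == "__main__":
    covered, problems = preflight(PLANNED, ADMIN_IPS)
    for ip, nets in covered.items():
        print(ip, "->", ", ".join(nets) if nets else "NOT COVERED")
    for p in problems:
        print("problem:", p)
    print("safe to enforce:", safe_to_enforce(PLANNED, ADMIN_IPS))
```

In the sample, the third entry has host bits set, so it is rejected and the admin at 198.51.100.7 is left uncovered; correcting it to 198.51.100.0/24 makes the check pass.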

Device Approvals

Require Admin approval before a user can log in from a new, unrecognized device.
  • When a user logs in from a new device, their login is held in a “Pending Approval” state.
  • Admins receive an email alert.
  • Admins must approve the device in Admin Settings → Security → Devices.

External Sharing Policies

Admins control how users can share data from FileX with people outside the organization.
  1. Go to Admin Settings → Security → External Sharing

Options:

  • Allow all external sharing: Users can create public links and invite external guests. (Default)
  • Require Passwords: All external links generated by users must have a password.
  • Require Expirations: All external links must expire within X days.
  • Disable external sharing: Users can only share files with other members of the workspace.

Security Contacts

Ensure AIBAMS knows who to contact in the event of a security incident or critical vulnerability.
  1. Go to Security → Security Contacts
  2. Add the email addresses of your IT/Security team.
These contacts will receive immediate alerts regarding suspicious logins, mass data deletions, or platform security bulletins.