Medallia Internal Access
Medallia takes access management seriously, granting access with the least privilege needed for the specific role and only to the personnel that need it. We review and update access rights annually and after any change in a user’s role. Access to systems that store client data is severely restricted and carefully logged, monitored, and audited. The importance of access control is discussed in our mandatory annual security awareness training, and employees and contractors are aware that violators may be subject to disciplinary measures up to and including termination of employment.
Medallia uses multi-factor authentication for system-level access to our application and the backend infrastructure. Our client support teams must either be in the office authenticated on our corporate network or they must use two-factor authentication to access the application remotely. Medallia Operations and Engineering teams operate under the same restrictions. Access and system logs are maintained locally for one month and in our centralized log management system for one year. The centralized system’s security controls prevent tampering and maintain the chain of custody.
Access to client data is restricted to authorized employees for the purpose of support, advanced engineering, product troubleshooting or cloud infrastructure maintenance. Employees are allowed access only as long as needed for the troubleshooting, support, or maintenance issue.
Our Client Services and Implementation teams set up the initial solution access for our clients, using the specific role and privilege assignments defined by the client. Medallia recommends and supports assigning permissions based on user roles. We have the capability to restrict access to the client portal by whitelisting only the IP address ranges that belong to our clients. In addition, all client account logins are logged with a time/date stamp, a user ID, and an indication of whether the login was successful.
Medallia logs all access to client information, including end user and system-level administrator access, as well as any system-level changes. The logs include:
- Successful logon attempt
- Failure of logon attempt
- Creating users and objects
- Deletion & modification of objects
Every time a user logs into the client portal, the user starts a session with the platform. By default, Medallia enables security features, including session ID encryption and randomization, that prevent unauthorized use of established sessions. Our solution can only be accessed over secure TLS connections. Additionally, clients are able to configure the session expiration settings, which can force sessions to close after a period of inactivity.
Medallia’s powerful role-based access controls in our core platform allow clients to easily define roles and administer highly granular permissions for their users. Clients can specify which individual records, or even which specific fields within records, are available to different users. This level of control ensures that users have only the permissions and rights they need to do their jobs.
We work with our clients to establish user groups based on each group's role and organizational responsibilities. Group permissions can be based on common roles, such as reporting, survey, and support functions. Additionally, custom user permissions are available for accounts that do not belong to any specific user group. Medallia’s solution directs the right data to the right people and prohibits users from viewing unauthorized data. District managers and regional managers, for example, would have their specific levels of permission; each manager’s reporting view would only show the data that manager is authorized to see.
Medallia Experience Cloud clients may choose to authenticate their users through Security Assertion Markup Language 2.0 Single-Sign-On (SAML 2.0 SSO) or through traditional username/password login credentials with the option of multi-factor authentication defined at the role level. Medallia recommends SSO but supports both options. Data Access Controls, as well as other data encryption details, are described in detail in Medallia’s End to End Data Protection White Paper.
Single Sign-On (SSO)
SSO allows clients to manage and enforce the use of their internal corporate credentials and password policies for logging into the Medallia application. Using SSO, our clients authenticate against their own identity provider, while our Experience Management solution provides the integration service. We support encrypted SSO: in addition to our clients signing the assertion sent to us, we give our clients the flexibility to encrypt the assertion with our public key. By using SSO for authentication and authorization to the Medallia application, clients are able to reduce account administration time and enforce corporate enterprise directory policies, such as password complexity and history requirements. We can also support use cases where multiple identity providers are needed.
Traditional Login Credentials
For non-SSO accounts, client employees authenticate to their client portal via a supported web browser, such as current versions of Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari. Communication is encrypted between the browser and the server using TLS over port 443 (HTTPS). Medallia supports a hybrid approach of both SSO and traditional username and password.
We provide our clients with customizable settings – clients can modify the access control settings to complement their internal policies, including granular role-based access, password complexity and user session management controls. Medallia’s Implementation team can help set the password requirements to the Medallia application following our clients’ internal policies.
The password settings that can be configured by clients include:
- Minimum password length
- Minimum number of lowercase letters, uppercase letters, digits, and special characters
- Disallowal of sequential digits or repeated consecutive characters
- Maximum number of unsuccessful login attempts
- Maximum number of password reset requests per day
- Number of days a password is valid
- Number of past passwords/password history
Medallia Experience Cloud uses OAuth 2.0 to authorize limited access to its services and data. OAuth allows users, applications, and systems to grant access to resources without sharing personal authentication credentials like passwords. Instead, the parties share a secure token that identifies what the user or application may access.