Platform Settings
Platform settings control your SecureHive workspace configuration — organization details, branding, security policies, notification preferences, and feature toggles. Changes here apply tenant-wide and require admin permissions.
Changes to platform settings affect all users in your workspace. Review changes carefully before saving, especially security-related settings.
Accessing settings
Navigate to Settings → Platform Settings from the left sidebar, or go directly to /s/{your-tenant}/settings/platform.
General settings
General settings define your organization’s identity within SecureHive.
| Setting | Description |
|---|---|
| Organization name | Your company’s display name, shown across the platform and in reports |
| Subdomain | Your workspace URL (https://[subdomain].securehive.ai) — set during onboarding and cannot be changed |
| Industry vertical | Your organization’s industry, used for tailoring compliance recommendations |
| Company size | Employee count range, used for benchmark comparisons |
| Primary contact | The main admin contact for account-related communications |
| Timezone | Default timezone for schedules, reports, and audit timestamps |
Branding
Customize the look and feel of your SecureHive workspace and any externally shared pages such as the Trust Portal.
| Setting | Description |
|---|---|
| Logo | Upload your company logo (PNG or SVG, recommended 200×50px) |
| Favicon | Custom browser tab icon (ICO or PNG, 32×32px) |
| Primary color | Brand color applied to navigation, buttons, and accents |
| Trust Portal branding | Logo and color overrides for your public-facing Trust Portal |
Security policies
Security policies govern authentication behavior and session management across the workspace.
| Policy | Description | Default |
|---|---|---|
| Session timeout | How long an inactive session stays alive before requiring re-authentication | 30 minutes |
| Password requirements | Minimum length, complexity rules, and expiration period for local accounts | 12 characters, mixed case + number |
| MFA enforcement | Require multi-factor authentication for all users or specific roles | Disabled |
| SSO enforcement | Require SSO login and disable local password authentication | Disabled |
| IP allowlist | Restrict access to specific IP ranges or CIDR blocks | None (all IPs allowed) |
For SSO and SCIM configuration, see Identity Provider Authentication. For role-based access control, see Roles & Permissions.
Notification preferences
Configure how and when SecureHive sends notifications to your team.
| Setting | Description |
|---|---|
| Email notifications | Enable or disable email alerts for risk changes, policy updates, and task assignments |
| Digest frequency | Choose between real-time, daily digest, or weekly digest for non-critical notifications |
| Escalation alerts | Configure escalation rules for overdue tasks, critical risk changes, and SLA breaches |
| Integration notifications | Route alerts to connected tools like Slack, Microsoft Teams, or JIRA |
Feature toggles
Enable or disable optional platform capabilities based on your organization’s needs.
| Feature | Description |
|---|---|
| AI-assisted drafting | Use AI to generate policy drafts, risk descriptions, and questionnaire responses |
| Trust Portal | Publish a public-facing security posture page for customers and prospects |
| Vendor self-service | Allow vendors to access and complete questionnaires without manual link distribution |
| Automated risk scoring | Automatically calculate risk scores when assessment data changes |
Audit log
All changes to platform settings are recorded in the audit log with the timestamp, user who made the change, setting modified, and previous and new values. Access the audit log from Settings → Audit Log to review the history of configuration changes.
Best practices
Keep your organization details current — they flow into compliance reports and Trust Portal content. Enable SSO enforcement once your identity provider is fully configured and tested. Start with a restrictive session timeout and adjust based on user feedback. Review feature toggles quarterly to ensure they align with your current program maturity.