If your sales reps are connecting via a corporate VPN, then you won't need to validate new IPs (since they are using the corporate IPs). This allows you to offer a single Reporting only username or the password for all sales reps or per sales rep username or the password without any extra steps for security. This is the ideal solution. However, if your sales reps do not use a corporate VPN, then a few options are available
- Provide each rep with their own username/password and let them validate their IP address individually. When they login for the first time from a new IP, they will receive an email which prompts them to approve that IP. For this to work, IP restriction settings at the Org Level cannot be turned on. While this means you have to create a username/password per rep, it will provide the highest level of security with minimal impact to a Reporting only user as well as to all the other users.
- If you have several sales reps, and don't want to create a separate username/password for each
one, then a shared username/password can be created. With this option, you will need to turn OFF
some of your security measures. To make these changes, you will need to:
- Open a support ticket requesting that IP validation be disabled for this organization.
- Login as a org admin and verify that IP restriction is not turned on for your organization.
A highly recommended option would be turn on IP restriction for specific user accounts. While this is a preferred security option, note that if a user has this enabled and logs in from an unregistered IP, that IP address cannot be registered/approved until:
Note: Do not turn on IP restriction for the shared username/password Reporting only user.
- they are back on an approved IP, OR,
- they have requested approval/registration of the IP through your org admin