I’ve made a few security changes, listed below.
- Administrative access has been removed from users who have not enabled 2 factor authentication.
- I have created an admins group. This is an administrative group, and only super admins may post.
- Super admins and community managers have been moved to an “Enhanced Security” OU. In this OU is two sub-organizations for their respective group. In the future, this may be used for other users who we deem to require 2fa (although I don’t know what situation might require that).
- Two-factor authentication is enforced for the Enhanced Security OU.