Requires users in your organization to set up and use 2FA when logging in via a password.
Toggle on this enforcement in Admin > Privacy & Security > Authentication & User Management.
| | **Review Session Duration** |Set the amount of time a user’s session lasts before having to log in again.
Review the configured session duration in Admin > Privacy & Security > Session Timeout.
| | [**Set Up and Enable SSO**](https://github.com/verkada/Verkada-Support-Docs/blob/main/en/command/single-sign-on-sso/authentication-and-provisioning-overview.md) |1.
Configure SSO as an authentication method for your users.
2.
Complete the Run Login Test step to enable it (for enhanced security, make SSO required).
| | [**Set Up SCIM**](https://help.verkada.com/command/security/identity-providers/scim-token-management) | Configure SCIM to provision and manage your users and groups through Okta or Microsoft Entra ID identity management. | | [**Add Primary Key Contact**](https://help.verkada.com/command/organization-settings/manage-your-admin-page-settings/manage-contacts) | Add a [primary contact](https://command.verkada.com/admin/org-settings/org-details) who serves as the designated point of contact for general communications. | | [**Add Billing Key Contact**](https://help.verkada.com/command/organization-settings/manage-your-admin-page-settings/manage-contacts) | Add a [billing contact](https://command.verkada.com/admin/org-settings/org-details) who serves as the designated point of contact for billing-related communications. | | [**Add Security Key Contact**](https://help.verkada.com/command/organization-settings/manage-your-admin-page-settings/manage-contacts) | Add a [security contact](https://command.verkada.com/admin/org-settings/org-details) who serves as the designated point of contact for security-related communications. | | **Review Users** | Ensure your [users list](https://command.verkada.com/admin/users) and user roles are up to date and remove any users if necessary. | | [**Review Groups**](https://help.verkada.com/command/users-and-permissions/manage-users-in-your-organization/manage-command-groups) | Ensure each user is added to the [group(s)](https://command.verkada.com/admin/groups) that grants the correct permissions. | | [**Review Default Image and Video Data Location**](https://help.verkada.com/command/security/privacy-and-security-disclosure/set-a-default-or-camera-specific-location-for-image-and-video-data-storage-and-processing) |1.
Set the default geographic region where camera video and image data will be stored.
2.
Review the configured location in Admin > Privacy & Security > Data Residency.
| | **Confirm Appropriate Notice** |Confirm that:
All physical sites have appropriate signage with regard to camera recordings.
The company receives appropriate consent from employees and guests.
| | **Review People Analytics Notice** | Review and accept the Analytics Terms and Conditions, found in the **Admin > Cameras > Analytics**. | | [**Review Audit Logs**](https://help.verkada.com/command/organization-settings/manage-your-admin-page-settings/manage-and-view-audit-logs) | Review the [logged actions](https://command.verkada.com/admin/privacy-security/audit-log) of Command users in your organization to check for irregular activity. | ## Dismiss an action from the checklist If a specific action does not pertain to your organization, you can dismiss it from the list. Next to the action item, click the checkmark and select **Complete** or **Dismiss**. If it has a dropdown arrow next to the item name, it does not count toward your completion percentage.  *** {% hint style="info" %} **Prefer to see it in action?** Check out the [video tutorial](https://www.youtube.com/watch?v=vme3YdOdhsE). {% endhint %}