I'm not sure where to put this (adding a feature request section would be great too!) but I would really like to see two-factor authentication. It makes me nervous that one password could take down an entire site. As we expand our team and add new users to Tealium, this risk becomes more evident. I can't imagine I am the only one who shares this concern.
Another option would be some sort of approval workflow for Production publishing. Even basic e-mail approvals would substantially mitigate risks.
Are there any enhanced security features like this on the roadmap?
Actually, there's already a workflow system in place, along with a very granular user permissions system which allows you to define exactly who is allowed to publish to any given environment (not just Prod). You can find the community post about workflow management here: https://community.tealiumiq.com/posts/647569.
I hope this helps.
Check out our new Swift integration library for iOS, macOS, tvOS and watchOS: https://github.com/Tealium/tealium-swift with updated documentation https://community.tealiumiq.com/t5/Swift/tkb-p/swift.
I would love to see an option for MFA as well. Having granular user permissions and workflow best practices is a good start, but if someone grabs the correct username and password combination they can take down the entire system.
Ideally anyone with permissions to publish to production could be required to enable MFA either through the Google Authenticator app (my preference) or Authy (another excellent choice).
We would really like an extension of the security policy of the authentication process.
A two-way authentication would help, but it could be useful also a more customizable password policy.
It could be great if we could setup an automatic password expiration time in order to force all users to change their password more frequently.