User registration and de-registration is up to the users and Career Center administrators. Upon registration, the user sets their password through a link sent to their email address. Upon de-registration, the user loses access to all the resources previously available.

The JobTeaser SaaS enforces the following password security policy:

• Minimal length is 12 characters;
• Password must include uppercase letters, lowercase letters and numbers.

In case of failed login attempts, an exponential back off delay is inserted before enabling the user to try again to login after failed attempts.

Single sign-on (SSO) allows schools and universities partners to provide their users (students and staff) with a login solution that does not require them to enter additional credentials on the Career Center. In this case, the security of the user’s credentials is managed by the partner instead of JobTeaser. CAS, SAMLv2 and OAuth2 are currently supported.

User Access Provisioning

The administration interface for Career Center administrators allows administrators to provision users according to roles they need to attribute to others.

User Authentication

For Career Centers, JobTeaser enables its schools and universities partners to setup an SSO integration for end-user (students and administrators). Other types of users (e.g. company recruiters) are provided with JobTeaser login (email and password credentials are managed by JobTeaser).

JobTeaser uses a central authentication solution (JobTeaser IDP - IDentity Provider) on its platform and applications. It supports the development of controls: connection attempts monitoring, 2-factor authentication, etc.

API Security & Authentication

Authentication to the platform is processed through the JobTeaser dedicated OpenID module. This module can act as an Identity Provider as well as a Service Provider, depending on the partner’s needs.

JobTeaser website administration users

Privileged Access Rights

JobTeaser administrators manage their own registration and de-registration. Access rights are provided to new administrators on a “least privilege” basis, according to their functional role in the company.

Review of user access rights

JobTeaser website administrator access rights are reviewed annually.

Administration Interface access

Access to the website administration interface is over HTTPS, encrypted using TLS 1.2 and 1.3 as per industry best practices.

Two-factor authentication (2FA)

Two-Factor Authentication is mandatory for JobTeaser website administrators.