How can senders audit security in ESP dashboards?

ESP dashboards provide tools for auditing security within your account. Regular review catches issues before they become problems.

Access audit areas:

User management: Review who has account access. Remove departed team members. Verify appropriate permission levels. Check when users last logged in.

API key inventory: List all active API keys. Identify unused keys for deletion. Verify key scopes match intended use. Note creation dates and creators.

Activity logs: Review login history for unusual access. Check for failed login attempts. Look for unexpected geographic locations. Monitor administrative actions (list changes, sends).

Authentication settings: Confirm 2FA is enabled for all users. Review password policies. Check session timeout settings.

• Regular audit tasks:
• Monthly review of user access
• Quarterly API key audit
• Review activity logs for anomalies
• Verify security settings haven't been weakened
• Check for new features or security options
• What to look for:
• Unknown users with access
• API keys you don't recognize
• Login attempts from unusual locations
• Changes you didn't authorize
• Test or development keys in production

Document your audit process and schedule regular reviews. Many security incidents could be caught earlier with routine auditing.