User Authentication and Networking
What forms of user authentication does Monotype Connect use?
Monotype Connect uses a custom web-based authorization mechanism. We also support single sign-on using either Azure AD or Okta.
What are the security requirements for Monotype passwords?
- Passwords must be a minimum of 8 characters.
- Include a special character - no limits or requirements on the characters that can be used.
- Include a capitalized letter
Passwords for user accounts on extensis.com do not expire; it is recommended that you change your password regularly.
How long do Monotype Connect user sessions last?
- Idle login sessions expire after 30 minutes on https://buy.extensis.com and https://connect.extensis.com/
-
Login sessions for the Monotype Connect desktop app expire after 30 days
- Most users are rarely asked to login due to when the Monotype Connect desktop application connects to our network to synchronize user information and cloud libraries, the session length is reset.
What network ports and URLs does Monotype Connect require access to?
For full Monotype Connect functionality, the desktop application requires TCP port 443 to be accessible on the following URLs:
https://www.extensis.com
https://links.extensis.com
https://fs.extensis.com
https://connect.extensis.com
https://connect-api.extensis.com
https://auth.extensis.com
https://extensis.okta.com
- https://secure.monotype.com/
https://buy.extensis.com
https://d20tcu3k0slplp.cloudfront.net
- https://content.connect.extensis.com
- https://data.connect.extensis.com
- https://connect-rum.extensis.com
- https://extensis.us2app.churnzero.net
- https://www.googletagmanager.com
- https://accounts.google.com
- https://analytics.google.com
- https://font-vault-cdn.extensis.com
- https://sig.monotype.com/
- https://enterprisecdn.monotype.com/
- https://assets-main-protected.monotype.com/
- https://assets-provisional.monotype.com/
- https://ads-assets.monotype.com/
- *.amazontrust.com
Additionally, the following sites are required for the Connect Fonts web client login at https://connect.extensis.com/:
- https://cdn01.boxcdn.net
- https://apis.google.com
- https://www.dropbox.com
How are user permissions handled in Monotype Connect?
See this article about managing permissions: User Management - Start Here!
Data Transmission and Storage
What user data does Monotype store for Monotype Connect?
We store font files, font metadata, and organizational data such as shared cloud libraries and user sets. For more information on our data collection and retention policies, see our Privacy Policy.
How is user data protected during transit?
User data (including libraries, sets, and fonts) is sent over HTTPS-secured connections. TLS ( Transport Layer Security ) version 1.2 is used and needs to be enabled.
Is the data at rest and in transit encrypted?
Yes it is encrypted both at rest and in transit
Can Monotype Connect sync fonts from an on-premises server?
Monotype Connect can only connect to Monotype's network of servers. There is no functionality for connecting to an on-premises server.
Maintenance and Updates
How are updates to Monotype Connect handled?
The Monotype Connect desktop application is updated by the end user. The desktop application notifies end users when an update is available.
The Monotype Connect service is managed by the Monotype DevOps team; production updates are deployed into Amazon Web Services when we have changes.
How long are service logs kept and who has access to them?
Logs for troubleshooting and technical support purposes are kept for 14 days. Logs are archived indefinitely in Amazon Web Services storage and accessible by the Monotype DevOps team.
Is intrusion detection and prevention implemented?
Yes, we implement MissionCloud in our environment.
What is your procedure in case of a data breach?
The Monotype Incident Response Team proceeds through the following stages:
- Identification
- Severity classification
- Containment
- Eradication
- Recovery
- Root cause analysis
The Incident Response Team will respond as per the more detailed Incident Response Plan published and maintained by the Monotype DevOps Manager.