IP Allow-listing (IP Whitelisting)

This feature allows organizations to restrict access to their Casebook tenant to certain IPs, or a range of IPs for security purposes.

How can IP Allow-listing support my security needs?

Organizations may want to add extra protections above and beyond Casebook’s username/password and session timeouts. In the case where a username/password has been compromised, allow-listing means any parties that accessed that username/password would not be able to login to Casebook unless they were using an approved IP address. 

Some organizations also have restrictions about where users can access data. For example, not being able to access data at private homes or outside of the United States. IP allow-listing will enable organizations to define where their users can access Casebook and can restrict it to a set of physical locations only. 

What do end-users see if their IP is blocked?

If a user is already logged in and is blocked, they will be logged out when they try to navigate within Casebook or refresh the page. 

If a user is trying to log in to the tenant at a blocked IP address, they will see the following message when attempting to login, even with valid credentials:Screen Shot 2022-02-03 at 1.17.42 PM-1

Who can set up the list of IPs?

Currently, this feature is completely managed by Casebook developers. In order to use this feature, please reach out to support@casebook.net and include the IP address or range of IP addresses.

Note: By design, this feature means even Casebook employees cannot access the customer tenant. This might cause additional time needed to address support tickets and troubleshooting efforts.