Configure Organisation Branding and Security Settings

Role: Org Admin
Time: 20–30 minutes
Prerequisites: You are logged in as Org Admin; your organisation logo is available as a PNG or SVG (recommended: at least 200×50 px, transparent background); 2FA apps available to test (e.g. Google Authenticator, Authy)

This tutorial covers the three Org Admin settings most commonly configured when a new Kazinex organisation goes live: organisation branding, 2FA enforcement, and file type restrictions. Run these in sequence during your initial setup session.

---

Part 1: Organisation Branding

Step 1: Upload the organisation logo

1. Go to Settings → Organisation → Branding.
2. Under Logo, click Upload Logo.
3. Select your organisation's logo file (PNG or SVG recommended).
4. Preview the logo in the panel — confirm it displays correctly on the dark and light backgrounds shown.
5. If the logo looks stretched or cropped, re-upload with the correct dimensions.

The logo appears in:

• The navigation header for all organisation members
• Email notifications sent from Kazinex (in the email header)
• Transmittal cover sheets (if branded cover sheets are enabled)
• Guest portal pages

Step 2: Set the primary colour

1. Under Primary Colour, click the colour picker or type a hex value.
2. Enter your organisation's brand colour (e.g. #1A3A6B for dark navy).
3. Preview updates in real-time — confirm button colours and active states match your brand.
4. Click Save Branding.

The primary colour is applied to:

• Call-to-action buttons (Approve, Submit, Upload)
• Active navigation items
• Progress indicators and status bars

Step 3: Verify the branding

1. Refresh the page.
2. Confirm the logo appears in the top-left navigation.
3. Confirm buttons use your brand colour.
4. Log out and log back in — confirm the login page shows your logo.

---

Part 2: Two-Factor Authentication (2FA) Enforcement

Step 4: Understand 2FA enforcement

When 2FA is enforced at organisation level:

• All current members must set up 2FA within the grace period (default: 7 days)
• New members must set up 2FA before accessing the organisation
• Members who have not set up 2FA by the deadline will be prompted to do so on every login until they comply

Before enforcing 2FA, communicate the change to your team with at least 1 week's notice so they can install an authenticator app.

Step 5: Enable 2FA enforcement

1. Go to Settings → Organisation → Security.
2. Under Two-Factor Authentication, toggle Require 2FA for all members to On.
3. Configure the Grace Period: number of days members have to set up 2FA before access is restricted. Recommended: 7 days for an established team; 0 days for new organisations with no existing members.
4. Click Save Security Settings.

A banner appears on each member's account on their next login, prompting them to set up 2FA.

Step 6: Verify 2FA compliance

1. Go to Settings → Team.
2. The member list shows a 2FA column (or badge):
   • Enabled: member has set up 2FA
   • Pending: member has been notified but not yet set up
   • Not Required: member joined before enforcement (if grace period is active)
3. Follow up with any member still showing Pending after the grace period ends.

---

Part 3: File Type Restrictions

Step 7: Set the allowed file types

By default, Kazinex allows all common document file types. You can restrict uploads to only specific types — useful for organisations that want to prevent non-document files being uploaded.

1. Go to Settings → Organisation → Storage.

2. Under File Type Restrictions, click Edit Restrictions.

3. Choose your restriction mode:

   • Allow all (default): no restrictions
   • Allowlist: only the file types you specify are permitted

4. If using Allowlist, add the types you want to permit. Common construction project types:

Extension	MIME Type	Purpose
.pdf	application/pdf	Drawings, specs, reports
.dwg	application/acad	AutoCAD files
.ifc	application/x-step	BIM models
.rvt	application/octet-stream	Revit files
.xlsx	application/vnd.openxmlformats-officedocument.spreadsheetml.sheet	Schedules
.docx	application/vnd.openxmlformats-officedocument.wordprocessingml.document	Reports
.jpg	image/jpeg	Site photos
.png	image/png	Images

5. Click Save Restrictions.

Step 8: Test the file restriction

1. Navigate to Documents → New Document → Upload New Revision.
2. Try to upload a file type that is NOT in your allowlist (e.g. a .exe or .zip).
3. Confirm the system displays an error: "File type not permitted."
4. Upload a permitted file type — confirm it succeeds.

---

Final Verification

After completing all three parts:

Setting	Verified?
Logo appears in navigation header	☐
Brand colour applied to buttons	☐
2FA enforcement active and team notified	☐
File type restrictions enforced	☐

---

What's next

• Security Hardening Guide — 2FA rollout checklist, guest access policy, audit log cadence
• File Restrictions Guide — detailed file type and size limit configuration
• Settings: Security Settings — full security settings reference