Practice by Numbers (PbN) is built with security in mind for all practices, and every account includes essential login protections such as Two-Factor Authentication (2FA) and secure sign-in options.
For practices that need advanced access controls, monitoring, and compliance-ready security tools, PbN also offers Enterprise Security. Enterprise Security provides enhanced safeguards that give administrators more control over where, when, and how users can access the platform.
This article explains:
Where to find Enterprise Security
What security features are included for all practices
What additional capabilities are unlocked with Enterprise Security
Where to Find Enterprise Security
Enterprise Security settings are located in: New Settings > General > Security Management
This centralized area allows administrators to manage security policies, monitor access, and review activity across the practice.
Security Features Available to All Practices
All Practice by Numbers accounts include baseline security features designed to protect user logins and account access.
Two-Factor Authentication (2FA)
2FA adds an extra layer of protection by requiring users to verify their identity using a second method after entering their password.
All practices can:
Enable or disable 2FA for the practice
Require 2FA for specific roles or specific users
Allow users to set up their own 2FA method
Supported options include:
Authentication apps
Secure verification during login
Google Sign-In
Practices can also allow users to log in securely using Google authentication, reducing password-related risk while maintaining account protection.
These login security options are available to all practices, regardless of plan.
What Is Enterprise Security?
Enterprise Security expands PbN’s security capabilities beyond login protection.
It is designed for:
Multi-location or enterprise practices
Practices with strict compliance or IT policies
Teams that need visibility and control over user activity
Enterprise Security allows administrators to:
Restrict access by IP address
Limit access to specific time windows
Monitor and revoke active user sessions
Track security-related changes and events
Centrally manage 2FA status across users
Enterprise Security Tabs & Features
Below is an overview of each tab within Security Management and what it controls.
General Settings
The General Settings tab is where Enterprise Security rules are enforced at a high level.
From here, administrators can:
Enable or disable IP address restrictions
Enable or disable time-based access restrictions
Enforce 2FA requirements across roles or users
Apply predefined security presets for faster setup
This tab acts as the control center that determines whether advanced security rules are active.
IP Allowlist
The IP Allowlist allows practices to control where users can log in from.
With Enterprise Security, you can:
Add approved IP addresses (e.g., office networks)
Restrict access so users can only log in from allowed IPs
Prevent access from unknown or unauthorized locations
This is especially useful for practices that want access limited to office locations or approved remote environments.
Time Windows
The Time Windows tab controls when users can access PbN.
Using time windows, administrators can:
Define allowed login hours by day of the week
Apply access windows to specific roles or users
Prevent system access outside approved business hours
What Users Experience When Access Is Restricted
If a user attempts to log in outside of their allowed time window, they will see an Access Restricted screen explaining:
That access is currently restricted
The current date and time
Their approved access times
Once the allowed time window begins, the user can retry access or will be redirected automatically.
Time-based restrictions are ideal for reducing after-hours access and improving compliance.
The Time Windows tab controls when users can access PbN.
Using time windows, administrators can:
Define allowed login hours by day of the week
Apply access windows to specific roles or users
Prevent system access outside approved business hours
Time-based restrictions are ideal for reducing after-hours access and improving compliance.
Active Users
The Active Users tab shows who is currently logged into PbN and how.
From this tab, administrators can:
View active login sessions per user
See users with access to multiple organizations
Revoke all active sessions for a user instantly
This provides real-time visibility and quick response if access needs to be removed.
IP Access Requests
When IP restrictions are enabled, users attempting to log in from a new or unapproved IP address will be prompted to submit an IP Access Request.
User Experience
Users will see a message explaining that:
Their current IP address requires approval
They must request access to the practice(s) they need
Each request includes a clear status:
Approved – Access has been granted
Pending – Request is awaiting review
Rejected – Request was denied
Not Requested – No request has been submitted
Admin Experience
From the IP Access Requests tab, administrators can:
View pending requests
See the requesting user and IP address
Approve or deny requests with one click
This workflow allows practices to maintain strict IP controls without permanently blocking legitimate users.
When IP restrictions are enabled, users attempting to log in from a new or unapproved IP can generate an IP Access Request.
Admins can:
Review pending IP access requests
Approve or deny access
Maintain security without fully blocking legitimate users
Security Events
The Security Events tab provides a detailed audit log of security-related activity.
Here you can:
See what security changes were made
Identify which user made each change
Track events like:
Settings changes
Role updates
IP approvals
Security preset applications
Export events for reporting or audits
This tab is critical for accountability, troubleshooting, and compliance documentation.
2FA Management
The 2FA Management tab provides centralized visibility and control over how two-factor authentication is being used across your practice.
From this tab, administrators can:
View all users and their current 2FA status
See which users have 2FA enabled, required, or not yet set up
Identify the authentication method being used (such as SMS)
View the last time a user successfully verified their 2FA
Resetting a User’s 2FA
If a user loses access to their authentication method or needs to reconfigure 2FA, administrators can reset it.
When Reset 2FA is selected:
The user’s existing 2FA setup is removed
The user will be prompted to set up 2FA again at their next login (if required)
This action is useful for troubleshooting login issues while maintaining security controls.
The 2FA Management tab provides centralized visibility into user authentication status.
Admins can:
View which users have 2FA enabled
See last verification activity
Refresh or audit 2FA status across the practice
This ensures enforcement of security policies and helps identify gaps in authentication setup.
Summary
All practices have access to secure login features like 2FA and Google sign-in
Enterprise Security is a paid add-on that provides advanced access control, monitoring, and auditing
Enterprise Security gives practices full visibility and control over who can access PbN, from where, and when
For practices with higher security or compliance needs, Enterprise Security offers the tools required to protect sensitive data and manage access with confidence.