Security Best Practices When Setting Up Teamgo
A practical setup guide for administrators and workplace users
This guide outlines recommended security practices when deploying Teamgo Visitor Management across your workplace. Following these steps helps ensure your system supports strong privacy protection, controlled access, and compliance with organisational policies such as ISO 27001-aligned security expectations and workplace safety obligations.
These recommendations apply whether you are deploying:
iPad or Android kiosk sign-in points
QR code contactless check-in
visitor pre-registration workflows
employee attendance
contractor sign-ins
badge printing stations
emergency evacuation tools
Administrator Security Setup Guide
Administrators are responsible for configuring Teamgo securely before rollout to staff and visitors.
1. Enable Single Sign-On (SSO) where available
Where possible, connect Teamgo to your identity provider:
Recommended providers:
Microsoft Entra ID (Azure AD)
Okta
Google Workspace (where applicable)
Benefits:
β Centralised authentication
β Automatic password policy enforcement
β Faster user provisioning and removal
β Reduced credential risk
2. Require Multi-Factor Authentication (MFA)
Administrator accounts should always use MFA.
This prevents access if:
passwords are compromised
devices are lost
accounts are targeted externally
Best practice:
π Enforce MFA through your identity provider rather than individually per application
3. Apply Role-Based Access Control (RBAC)
Only assign permissions necessary for each userβs role.
Typical access structure:
Role | Recommended access |
Global Admin | Limited to system owners |
Location Admin | Site-level configuration |
Reception / Front Desk | Visitor management only |
Hosts | Visitor approvals only |
Avoid granting full admin access broadly.
4. Implement Joiner / Mover / Leaver access processes
Access should follow your organisationβs lifecycle controls:
Joiner
access approved before activation
Mover
permissions updated when roles change
Leaver
access removed immediately on departure
Tip π‘ If using SSO provisioning, this can be automated.
5. Configure visitor data retention settings
Teamgo allows administrators to define automatic record retention periods.
Recommended approach:
Organisation Type | Suggested retention |
Corporate office | 30β90 days |
Schools / childcare | per regulatory requirement |
Healthcare | policy-aligned |
Government / regulated | compliance-driven |
Benefits:
β Privacy compliance
β Reduced data exposure risk
β Cleaner reporting datasets
6. Configure privacy collection notices
Administrators can customise consent wording displayed during sign-in.
Recommended inclusions:
why visitor data is collected
how it is used
who it may be shared with
retention period
contact details for privacy enquiries
This supports compliance with:
Australian Privacy Act
GDPR (where applicable)
workplace safety obligations
7. Secure kiosk devices (iPads / Android tablets)
Kiosks should operate in controlled device mode.
Recommended configuration:
β Enable Guided Access (iPad)
β Enable Android kiosk mode
β Disable app switching
β Disable browser access
β Prevent system setting changes
Optional advanced protection:
π Deploy via Mobile Device Management (MDM) Examples:
Microsoft Intune
Jamf
Kandji
Workspace ONE
8. Secure badge printing infrastructure
If using visitor badge printing:
Ensure printers:
sit on secure internal networks
are not publicly accessible
are assigned static IP addresses where possible
are restricted to kiosk network segments
This prevents unauthorised print access.
9. Restrict location visibility
Multi-site organisations should apply location-level permissions. Example:
Sydney staff
β see Sydney records only
Melbourne staff
β see Melbourne records only Benefits:
β Privacy separation
β Reduced accidental exposure
β Cleaner reporting access
10. Review administrator permissions regularly
Schedule periodic reviews:
Recommended frequency:
π
Every 3β6 months Check:
unused accounts
excessive privileges
duplicate administrators
11. Keep kiosk apps updated
Always run the latest:
Teamgo kiosk app version
iPadOS / Android OS updates
Benefits:
β security patches
β improved QR scanning
β better badge printing reliability
β compatibility improvements
Security Best Practices for Staff and Hosts
Everyday users play an important role in maintaining workplace security.
1. Use secure authentication practices
If not using SSO:
β Use strong passwords
β Do not reuse passwords across systems
2. Never share login credentials
Each Teamgo user must have an individual account. Shared logins:
β reduce accountability
β weaken audit trails
β increase risk exposure
3. Confirm visitor legitimacy before approving entry
Always verify:
expected visitor identity
purpose of visit
correct meeting host
Especially important for:
π’ government environments
π« education settings
π₯ healthcare locations
4. Protect visitor personal information
Access only information required for your role. Do not:
β export records unnecessarily
β share screenshots externally
β retain visitor data offline
5. Lock unattended computers
When stepping away:
π lock workstation screens immediately
This prevents dashboard access by unauthorised persons.
6. Keep contact details updated
Ensure your:
email address
phone number
notification preferences
remain current for emergency alerts and visitor approvals.
7. Report unusual activity promptly
Notify administrators if you notice:
β οΈ unexpected visitor approvals
β οΈ incorrect badge information
β οΈ unknown administrators
β οΈ kiosk behaviour changes
Early reporting helps prevent incidents.
Advanced Security Controls (Recommended for Regulated Environments)
Organisations with higher compliance requirements should consider:
β SSO enforcement
β automated provisioning (SCIM where available)
β scheduled permission reviews
β watch lists / blocked visitor alerts
β restricted export permissions
β device fleet management via MDM
β privacy-region hosting alignment (AU / UK / US)
β periodic security configuration reviews
These controls are commonly used by:
government agencies
education providers
healthcare organisations
customs-controlled sites
infrastructure operators
Printable Security Setup Checklist
You can copy or print this checklist for deployment teams.
Teamgo Security Deployment Checklist
Identity & Access
β SSO configured
β MFA enabled for administrators
β Role-based permissions assigned
β Joiner / mover / leaver process defined
β Administrator access reviewed
Privacy & Data Protection
β Data retention policy configured
β Privacy collection notice customised
β Export permissions reviewed
β Location-level access separation configured
Kiosk Device Security
β Guided Access / kiosk mode enabled
β OS updates installed
β App updated to latest version
β Device physically secured
β MDM applied (if available)
Badge Printing Security
β Printer connected to secure network
β Printer not internet-exposed
β Static IP configured (optional best practice)
Operational Controls
β Staff accounts individually assigned
β Staff trained on visitor approval process
β Emergency notification contacts verified
β Periodic admin review scheduled
Ongoing Maintenance
β Quarterly permission review scheduled
β Device updates scheduled
β App updates monitored
β Retention policy validated annually
Get in touch with Teamgo if you would like to discuss this guide or require additional support and assistance.