Hello community
I was wondering if someone else has bumped into a similar issue described below? If so, how did you address it/any workarounds?
Basically, one of our clients has very strict security requirements. Part of which is only allowing users to access Qualtrics from a certain IP address/Range.
So we did the obvious thing. i.e. set IP restrictions inside user permissions as described in this support article.
Now the issue - as briefly mentioned in the article above, this check only happens on login. So, if a client user logs in (say with work VPN or onsite), they are able to log in as expected, but then if they disconnect to work VPN/connect to a hotspot, for example, Qualtrics session continues uninterrupted.
For most orgs, this is probably not even an issue but with certain clients (particularly govt agencies), they treat it like a gaping security hole.
Keen to hear everyone's thoughts.