Frequently asked questions

Similar documents
Frequently asked questions

Secure Your Enterprise with Usher Mobile Identity

WHITE PAPER Usher Mobile Identity Platform

NCSU SSO. Case Study

Enable and Turn on MicroStrategy 9s for Existing Projects. Mox Weber, Suhrud Atre, and Rakesh Arora

STRONGER AUTHENTICATION for CA SiteMinder

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

An Overview of Samsung KNOX Active Directory and Group Policy Features

The increasing popularity of mobile devices is rapidly changing how and where we

Adding Stronger Authentication to your Portal and Cloud Apps

ANALYTICS WHITE PAPER. MicroStrategy Analytics: Delivering Secure Enterprise Analytics

Copyright 2013, 3CX Ltd.

How To Use Usher For Business

Usher Mobile Identity for Higher Education Institutions. Rebecca Parks Associate Product Manager, MicroStrategy

Mobile Device Management Version 8. Last updated:

Security Architecture Whitepaper

Access Your Cisco Smart Storage Remotely Via WebDAV

Powerful analytics. and enterprise security. in a single platform. microstrategy.com 1

ADDING STRONGER AUTHENTICATION for VPN Access Control

Dell World Software User Forum 2013

Advanced Configuration Steps

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

An Overview of Samsung KNOX Active Directory-based Single Sign-On

Ensuring the security of your mobile business intelligence

Product Manual. MDM On Premise Installation Version 8.1. Last Updated: 06/07/15

Apps for every employee

The Convergence of IT Security and Physical Access Control

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

The Essential Security Checklist. for Enterprise Endpoint Backup

When enterprise mobility strategies are discussed, security is usually one of the first topics

Research Information Security Guideline

The Top 5 Federated Single Sign-On Scenarios

FileCloud Security FAQ

GO!Enterprise MDM Device Application User Guide Installation and Configuration for ios Devices

Directory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA

GO!Enterprise MDM Device Application User Guide Installation and Configuration for ios with TouchDown

Using Usher at MicroStrategy FAQ

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

Google Identity Services for work

Copyright Giritech A/S. Secure Mobile Access

QuickStart Guide for Managing Mobile Devices. Version 9.2

The Convergence of IT Security and Physical Access Control

Centrify Cloud Connector Deployment Guide

Mobile Security. Policies, Standards, Frameworks, Guidelines

Employee Active Directory Self-Service Quick Setup Guide

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

Overview of Microsoft Enterprise Mobility Suite (EMS) Cloud University

Microsoft Enterprise Mobility Suite

MicroStrategy Cloud Reduces the Barriers to Enterprise BI...

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

Cloud Services MDM. ios User Guide

Improving Online Security with Strong, Personalized User Authentication

Deriving a Trusted Mobile Identity from an Existing Credential

SAS Mobile BI Security and the Mobile Device

tibbr Now, the Information Finds You.

SOLUTION BRIEF MOBILE SECURITY. Securely Accelerate Your Mobile Business

activecho Driving Secure Enterprise File Sharing and Syncing

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution.

Mobile device and application management. Speaker Name Date

Access the TCNJ Palo Alto Networks VPN using the GlobalProtect VPN client

MOBILITY. Transforming the mobile device from a security liability into a business asset. pingidentity.com

Cloudessa AAA and Captive Portal Cloud Service

nexus Hybrid Access Gateway

Ensuring the security of your mobile business intelligence

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Symantec Mobile Management Suite

Offer Specifications Dell Management Services (EMS): mobilencrypt

Mobile Deposit Frequently Asked Questions

Comodo Mobile Device Manager Software Version 1.0

New Single Sign-on Options for IBM Lotus Notes & Domino IBM Corporation

API-Security Gateway Dirk Krafzig

Directory Integration with Okta. An Architectural Overview. Okta White paper. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107

Enterprise Security with mobilecho

Workday Mobile Security FAQ

Airnet-Student is a new and improved wireless network that is being made available to all Staffordshire University students.

Two-Factor Authentication (2FA) Registration Instructions Symantec VIP Access

MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013

WHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW

Remote Desktop Services User's Guide

Web Conferencing: Unleash the Power of Secure, Real-Time Collaboration

ENTERPRISE MOBILE BACKEND AS A SERVICE EVALUATION CHECKLIST

Portal for ArcGIS. Satish Sankaran Robert Kircher

Identity in the Cloud

Leveraging SAML for Federated Single Sign-on:

Multi-Factor Authentication for your Analytics Implementation. Siamak Ziraknejad VP, Product Management

Mobile Device Management for CFAES

PRIVACY, SECURITY AND THE VOLLY SERVICE

MaaS360 Mobile Enterprise Gateway

Usher: a comprehensive. enterprise security guide

Kaspersky Security for Mobile Administrator's Guide

Using Entrust certificates with VPN

Vodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence

The Security Behind Sticky Password

Salesforce1 Mobile Security Guide

The Encryption Anywhere Data Protection Platform

Where are Organizations Today? The Cloud. The Current and Future State of IT When, Where, and How To Leverage the Cloud. The Cloud and the Players

The Centrify Vision: Unified Access Management

ios Team Administration Guide (Legacy)

This paper introduces the security policies, practices, and procedures at Smartsheet.

Transcription:

Frequently asked questions

For more information, visit Usher.com info@ Toll Free (US ONLY): 888.656.4464 Direct Dial: 703.848.8710

1 What is Usher? Usher is a mobile identity platform designed to provide security for every business process and system access across an enterprise. It replaces traditional forms of enterprise identity such as IDs, passwords, and tokens, with mobile identity badges on a smartphone. Usher is based on four big ideas: Dematerializing traditional forms of identity into a mobile identity badge, stored on a smartphone Linking a mobile identity badge to its owner, ensuring that only the rightful owner can use it Extending the mobile identity to every business process and application, enabling users to use their mobile identity badge to perform the same functions they previously would using physical forms of identity Deploying mobile identity to thousands of users within your organization Why does MicroStrategy have Usher? Usher is founded on two disruptive technologies mobile software and cloud deployment. MicroStrategy was a visionary in bringing these technologies to the BI market through its industry leading Analytics Platform, and following the company s success, CEO Michael Saylor identified opportunities to extend these capabilities to new markets. Cybersecurity represents possibly the most important mission critical concern facing every enterprise, institution, or organization on the planet, and Usher provides a mobile identity solution. Usher is designed not only to deliver both security and convenience to end users, but it also leverages the MicroStrategy Analytics Platform to deliver unique and powerful intelligence insights regarding all identity activities. Q: What does Usher offer? Usher features a cloud or on-premises self-service web portal, enabling an administrator to create and manage thousands of badges in a matter of minutes. With Usher, end users can: Confirm identity in person Log onto applications Open entryways Validate identity over the phone Unlock workstations Once distributed and configured, Usher badges can be used for password-less authentication to SAML-based cloud and web apps, Windows and Mac workstations, and physical access systems. Usher badges also permit peer-to-peer identity verification, and deliver powerful identity analytics and ongoing network management support for a comprehensive offering.

2 What specific versions/configurations of target applications and systems are supported with Usher? Usher includes the following: Directory Gateways: Active Directory OpenLDAP Logical Gateways: Configure Usher with cloud, web, and mobile applications; workstations, and single sign-on (SSO) systems to eliminate passwords. SAML Configuration/Web SSO Salesforce.com Google Apps Microsoft Sharepoint Requires an Active Directory Federation Services server, with an SSL-certificate signed by a third party Exchange/OWA Requires an Active Directory Federation Services server, with an SSL-certificate signed by a third party. Wordpress Mobile web SSO Mobile app SSO Mac unlock with Bluetooth OS X 10.9.4 Bluetooth Low Energy 4.0 Requires previously established Active Directory Gateway Login for Windows 7, 8, 2008 Requires previously established Active Directory Gateway Physical Gateways: Configure Physical Access Control Systems (PACS) to eliminate physical keys and cards Lenel OnGuard v6.6.287 Paxton Server v4.28 or later These require an adapter that is a Windows-based web service that communicates with the PACS server using DataConduit Lenel and Paxton adapter requirements: Windows Server 2008 R2 operating system (64-bit) or later Microsoft Internet Information Services version 7.0 or later Microsoft.NET Framework version 4.0 (64-bit) or later MySQL 5.5 database, with 64-bit DSN system pointing to it, to log adapter activity and errors

3 S2 Netbox v4.4 Adapter requirements: Red Hat Linux (64-bit) operating system Apache Tomcat web server version 7.012 or later Netbox server installed and enabled for remote connection MySQL 5.5 database, with 64-bit DSN system pointing to it, to log adapter activity and errors Honeywell EBI vr430.1 What is the pricing for Usher? Usher generally follows a monthly per-user subscription license fee model. A standard, baseline charge applies, and additional charges depend on the breadth of features included in your deployment. For a detailed discussion of pricing specific to your environment, please contact sales@. What devices and mobile platforms does Usher support? Currently, Usher is supported for devices running ios 7 and above, and Android 4 and above. Bluetooth peer discovery, as well as access to buildings and Mac workstations is enabled for iphone version 4s, 5, 5s, 6, 6 Plus, and ipod 5. Android supports Bluetooth peer discovery only. How is Usher deployed? Usher is hosted in a cloud environment. Self-service deployments utilize this SOC 2 Type II compliant cloud environment to host the entire Usher architecture. For customers with a private cloud mandate, the entire Usher Platform can be installed behind the firewall for a full on-premises deployment. Contact sales@ for additional details. What happens if the phone is lost or stolen? In the mobile identity context, losing the phone is often associated with losing your wallet or keys. The traditional measure no longer apply, such as canceling cards, changing locks, losing productivity during visits to credentialing authorities, etc. In the case of Usher these credentials and keys are software based, and a single administrative action can revoke all Usher privileges for a specific user/phone instantly. This logs the user our of the phone and will not permit further login for the user on that device without explicit permission. Meanwhile, on a replacement smartphone, the user simply installs Usher from the app store and authenticates to instantly restore all of their badges and credentials.

4 How does Usher work without Internet access? Usher currently offers a number of offline capabilities. For physical access, you can have a Bluetooth reader (either the UBeacon or ipad reader) at the door, which is connected to the network (hard-wired or Wi-Fi), and a disconnected Usher mobile client can unlock the door For logical access, a disconnected Usher mobile client can unlock a Mac workstation Peer-to-peer validation works when the validated user is offline, but the validator must be online How is Usher secure? Usher uses the most robust industry standards to incorporate the best practices in system security. The Usher server architecture is built on Public Key Infrastructure (PKI) to ensure that only authorized Usher users communicate with the Usher server, and only from authorized Usher client devices. The Usher server identifies a valid user by their client s unique X.509 certificate, which the Usher server generates and assigns when the user initially launches the Usher app. This public-private key cryptography workflow ensures that requests to the Usher server only come from legitimate Usherenabled devices. Furthermore, the Usher server provides an out-of-band (OOB) communication channel that uses 256-bit SSL protocol to prevent interception of sensitive data over public networks. User authentication occurs through this OOB channel, involving multiple factors (explained below) and employing TLS encryption for all traffic over the channel that does not allow phishing or interception of user credentials. AES-128 GCM encryption protects basic user data such as username and email. What security/data PII does Usher manage? Where does this data reside? Usher manages only basic user information including first name, last name, email address, company name and job titles. These fields are stored in the server and the mobile devices, and protected by AES- 128 GCM encryption. What factors of authentication does Usher offer? Usher is a true multi-factor authentication solution, leveraging the following security factors: Knowledge factor, or something you know passcode-protected app and/or device Inherence factor, or something you are integration with Touch ID Possession factor, or something you have the phone itself, with its unique cryptographic certificate used to communicate with the Usher server Does Usher slow down my phone? No, Usher is a light app that will not slow down your phone.

5 Does Usher drain my phone battery? Usher uses Bluetooth Low Energy (BLE) to communicate with other devices in order to achieve logical access, physical access, as well as peer-to-peer user discovery. BLE is designed to transmit small amounts of data over a low energy link, thus requiring low power. The amount of additional power required to support the Usher BLE communications is negligible. Does Usher take a lot of space/memory on my phone? Usher occupies very little space itself. Space occupation may increase if you enable pre-caching functionalities. Usher won t take a lot of memory either; memory usage of Usher is at the same level of popular apps, such as Facebook, WhatsApp, LinkedIn, etc. How does the registration/enrollment process work? Registration and enrollment work as follows: The network administrator adds a user to Usher via the user s email address Usher sends an email to the user with a unique badge link The user clicks the link on their mobile device, which opens the Usher app If this is the first time the Usher app is launched, the server assigns it an access token, the app generates a key pair and a certificate signing request (CSR) and sends the CSR to the server. The server returns an X.509 client certificate based on the CSR to the app, and associates this access token and certificate with the current user. From that point on, the app uses the X.509 certificate and access token in every request to the server Usher server returns the badge information to the Usher app, which displays it to the user What reports and analytics can Usher provide? Usher Intelligence is built on the MicroStrategy Analytics Platform backend, PRIME, and frontend Analytics Platform, empowering Usher administrators with a view into the health of their Usher network population and trending over time, allowing for in-depth resource and member analysis, and transaction record auditing. How do I get support for Usher? To reach Usher s 24/7-support hotline, please contact one of the numbers below: 1-844-777-6580 (US only) 1-703-637-6075

1850 Towers Crescent Plaza Tysons Corner, VA 22182 Copyright 2014. All Rights Reserved. COLL-1307 1114

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information