You are viewing limited content. For full access, please sign in.

Question

Question

Laserfiche Mobile Device Whitelist

Mobile Version 10 Administration
Updated February 14, 2018
asked on February 12, 2018

Hello,

I'd like to make LF Mobile available to the WAN for some of my users. Unfortunately my users are strong opposed to having any sort of password reset requirements, and passwords only get changed upon evidence of a breach (up to this point that means someone's email getting hacked, as no other services were available on the WAN). Outside of converting my users from Windows Authentication to Repository Users, I can't find a way inside of LaserFiche to lock this down. I can see a device blacklist in the Mobile Configuration screen; is there a whitelist so that when a device attempts to connect, I can add them to that list and only allow a small number of devices can connect and I do not have to monitor that list constantly for a potential breach?

Thank you.

0 0

Answer

SELECTED ANSWER
replied on February 12, 2018

Hi Scott,

The whitelist is on our backlog.

We didn't do it in the first place is because it's hard to get the device ID before a user even logged in.

And the approach you proposed is one solution that we are going to work with.  The simplest solution is that admin can proactively go and check the requests to join the whitelist. Then we can improve the notifications method with the ability to notify with emails.

So when you get a notification, you will identify them by the username? or you prefer they state who they are? what other information do you need?

 

Best,

Julia

0 0
replied on February 12, 2018

Julia, first of all, thanks for responding with that information! I'd think it would be pretty straightforward to have it ask on the same screen where you specify that you'd use a whitelist instead of a blacklist.

In regards to what I need to authenticate them after notified... Personally, all I care about is their email address (username if Forms Participant), and I can get any other information I may need out of our company directory from there. I don't even mind if there are no notifications, as someone will call me if they can't get in, but I know that isn't necessarily realistic for companies with more than 100 employees.

1 0
replied on February 14, 2018

Noted. Yeah. we'll be considering the scalability for sure. 

0 0

Replies

You are not allowed to reply in this post.
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...