It is now possible for administrators to control or lock specific workstations to Silo organizations. This is useful for organizations which allow Silo on their organization controlled workstations, but do not want their users to log into their personal Silo accounts from those workstations.
When Silo launches, it collects several pieces of immutable and mutable machine data and transmits that information back to Authentic8. One bit of immutable data is stored in the registry key: “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner”. This setting is used by machine lock control to determine “ownership” of the machine. The workflow is as follows:
A user within our global population tries to log in to the service from a computer
Is the RegisteredOwner attribute of the connecting device in our table of "locked devices"?
If YES, at which org does this lock state exist?
Does the username associated with the login sit at or beneath this org?
If YES, allow the login. If NO, block the login and issue a notification via the client.
If no, the user may log in normally.
This feature can be set by Authentic8 personnel. Please contact your account rep or deployment engineer for specific recommendations on how best to enable this feature.