It is now possible for administrators to allow their Silo users to access a limited functionality version of the Silo browser without the need to enter a PIN. This is useful for organizations who have controlled workstations and who want to provide basic Silo functionality seamlessly.
When Silo launches, it collects several pieces of immutable and mutable machine data and transmits that information back to Authentic8. One bit of immutable data is stored in the registry key: “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner”. This setting is used by the deferred PIN control to determine “ownership” of the machine. The workflow is as follows:
- A user within our global population tries to log in to the service from a computer
- Is the RegisteredOwner attribute of the connecting device in our table of "allowed devices"?
- If YES, at which org does this allowed state exist?
- Does the username associated with the login sit at or beneath this org?
- If YES, present the user with a version of Silo which is not personalized, but allows the user to access Internet sites, as needed.
- If NO, present the user with a standard login PIN.
- If NO, the user may log in normally.
Description of the Limited Functionality Version of Silo
If a user meets the requirements and logs into their deferred PIN browser, this is what they will see:
The users will have a browser with access to The Web and may log into any site they wish.
The Switch to Full Featured Silo
If a user attempts to save a website credential, save a bookmark, or presses the "Login To Access Your Apps" link, they will be presented with the PIN pad and must then enter their PIN to proceed. Once the PIN is entered correctly, they have full access to the product.
This feature can be set by Authentic8 personnel. Please contact your account rep or deployment engineer for specific recommendations on how best to enable this feature.