    Introducing OneIdP: Transform Device and Identity Management on Scalefusion

    We’re thrilled to share a major leap in our innovation journey—the introduction of our very first UEM-integrated identity and access management solution, Scalefusion OneIdP. This release is a significant step forward in our commitment to making device management and security simple yet effective.

    For small and medium-sized enterprises (SMEs) and larger businesses alike, OneIdP brings device and user management together within a single platform. You can now create and manage user identities and enable them to access your managed devices securely.

    This is a special milestone in our journey as we strive to extend a straightforward and comprehensive solution for identity management within our mobile device and endpoint management platform.

    Today also marks a significant step towards our commitment to helping IT admins manage their PC/Mac inventory. By offering them granular settings to manage device sharing, we are excited to announce Shared Devices and User-based Profiles for PCs and Macs.

    To see how OneIdP works, let’s look at the different features that help customize the login flow and apply conditional login access for macOS and Windows.

    Introducing OneIdP

    OneIdP is an IAM suite with three major elements or features: directory services, access management (MFA-based), and single sign-on (SSO). It was introduced to streamline user authentication and authorization and ensure secure access to Windows and macOS devices managed by Scalefusion. OneIdP is powered by the shared device feature and user-based profiles available on the Scalefusion dashboard.

    Shared Devices & User-Based Profiles (UBP)

    Managing a PC or Mac in an enterprise environment involves managing shared devices unless your organization has a ‘laptop only’ policy. For companies offering desktops and iMacs where employees can log in from any of the machines, in any of their locations, and in any shift, it becomes important for the IT admins to ensure that only authorized employees have access to the machine and once they log in, the appropriate usage policies are applied.

    With this new release, IT admins can easily implement a shared device policy and ensure that device access complies with both the user access policy and configuration policies.

    This can be done by simply configuring the following settings in the Scalefusion dashboard:

    • Allow devices to be shared within the group: Enable/disable device sharing within the assigned user group. This setting needs to be enabled to access the other features within the User-Based Profile. 
    • Allow the device to be shared by users across groups: Enable/disable device sharing across user groups.
    • Allow multi-device login: Control user logins from multiple devices simultaneously.
    • Allow ungrouped users to log in: Enable/disable login for users that do not belong to any group.

    The compliance actions for Shared Devices on the Scalefusion dashboard include two key features:

    • Force Logoff: This automatically logs off users not complying with device-sharing settings, with the option to configure a message explaining the reason for the logoff. 
    • Auto Logoff: This feature enables IT admins to set a specific duration, after which the users are automatically logged off.

    Once the Shared Device setting kicks in, Scalefusion’s User-Based Profiles are created. After a user is allowed to log in to a device, a profile (policy settings) based on the user’s current user group is auto-assigned to the device. This ensures that the user has access to the right set of apps required to work.

    This sets the perfect stage for OneIdP.

    Transform Your Login Access Management

    Developed to empower IT administrators with improved control, OneIdP offers identity & access management within the Scalefusion ecosystem. In an era where secure and efficient user logins are paramount, OneIdP steps in to redefine the “How” and “When” of accessing managed Windows and macOS devices.

    Integrated seamlessly into Scalefusion MDM, OneIdP ensures a consistent sign-in experience across devices and services. Validate users through directory credentials and configure multi-factor authentication (MFA) methods to eliminate concerns about local account passwords. For device maintenance, admins can grant login privileges to local administrators or selected users in addition to directory users.

    Using OneIdP, IT admins can apply conditional access policies by defining geofences, IP address limitations, Wi-Fi-based restrictions, and date and time conditions under which a user is allowed access to the enrolled Windows and macOS devices. This granular control ensures compliance with organizational policies, security protocols, and labor laws.

    Whether an organization utilizes a directory service like Microsoft Entra or Google Workspace or operates without one, OneIdP offers seamless adaptability. It extends the same robust conditional access policies to local accounts, catering to a diverse range of organizational needs.

    With OneIdP, you’re not just adopting an add-on; you’re elevating your device security strategy.

    MDM-Driven Directory Service

    Earlier this year, we added support for Shared Android devices. While we were working on the Shared Devices support for desktops/MacBooks and building our OneIdP suite, we observed that SMEs and a few large-scale enterprises find it either too complex or not cost-effective to create user identities for their frontline or contractual workers.

    They have to choose a commercial solution that tries to bundle a plethora of services that may not be required for frontline workers, let frontline workers use their personal email IDs to sign in to work devices to enable sharing, or, for their desktops, create and manage local accounts. We have also observed several enterprises spinning off a local Active Directory to create and manage users in order to control costs.

    And this is why OneIdP’s directory services came into being.

    Scalefusion OneIdP offers an out-of-the-box directory service focused on helping with device management and enabling user-based enrollment or shared devices. This solution is directly integrated with the Scalefusion dashboard, allowing IT admins to use their existing Scalefusion accounts to get started right away.

    You can choose a custom *.oneidp.com domain OR add & verify your own domains and start adding users from the Scalefusion dashboard. You can create as many users as you want once you have a verified domain and have your employees use it to enroll and log in to their Android, Windows, and macOS devices that are managed by Scalefusion. 

    OneIdP’s directory services enable you to bypass the hassle of creating and managing local accounts on your managed devices and easily create identities from the Scalefusion dashboard. You can also easily reset passwords in case an employee forgets them or delete a user once they leave the organization.

    What’s next…

    SSO, one of the three components that complete the OneIdP suite, is currently under development. While our team is gearing up to launch it in mid-2024, we are excited to see how our customers and partners make use of OneIdP. We expect the three core features to simplify the device management experience further and help establish Scalefusion’s contribution to making the day-to-day of an IT admin a breeze.

    Do let us know your thoughts and feedback by dropping us a note at [email protected] or booking a demo; we will be glad to hear from you.

    Sriram Kakarala
    Sriram has been developing mobile applications for 10+ years. His experiences include working on a BYOD solution, a custom Android OS for the enterprises and multi-headed Chat clients for consumers. He has had experience working for early stage start-ups to mid-size stuck-ups and near-stagnant MNC’s. On a personal level he thinks a nice sandwich is all that the world needs!!.
