Release Notes
Abstract
In the previous releases, MaaS360 integrated with Entrust to provide secure access to PIV-secured corporate resources such as emails, VPN, and Wi-Fi on mobile devices. In the second phase of series of enhancements, MaaS360 leverages Entrust to provide Bluetooth-based access for stronger and convenient enterprise authentication across macOS workstations.
Content
Entrust takes advantage of Mobile Smart Credentials on mobile devices to provide proximity-based access to workstations and network resources. When the end-user approaches the work premise, MaaS360 automatically detects the mobile devices with the embedded credentials and prompts for a secure PIN for authentication, eliminating the need to enter a username and password.
Note: The feature is supported only on macOS devices.
Prerequisite
Prerequisite
- The Entrust IdentityGuard Bluetooth Smart Credential software must be installed on the macOS devices.
Admin setup
Follow these steps to enable Bluetooth based workstation login in the MaaS360 portal:
- Navigate to Security > Policies and then open a persona policy.
- Click Workplace > Security and then select Enable Bluetooth-based workstation login.
User setup
Prerequisite
- Bluetooth must be enabled on iOS devices.
- MaaS360 PIV-D app must be installed and activated.
- The secure pin that was generated after the activation of PIV-D app must be kept handy.
Pairing computers with the mobile device
You can use the MaaS360 PIV-D app to add multiple computers that you want to authenticate with a secure pin.
Follow these steps to pair computers that qualify for Bluetooth-based authentication:
- Navigate to the Devices tab in the MaaS360 PIV-D app and then select Enable Smart Card.
- Tap the (+) icon to add computers that you want to qualify for Bluetooth-based authentication. Result: MaaS360 displays the list of supported macOS computers.
- Select a device from the list. Result: A connection request is sent to the selected computer.
- Click Connect. Result: The computer is successfully added to the devices list and it is in the not connected stage at this point.
- Tap the device name to pair it with the computer.
Result: The SmartCard pairing request is sent to the computer. - Click Pair.
- Provide device password and click Pair again.
- Provide the secure PIN that was generated after activating the MaaS360 PIV-D app and click OK.
- Provide a keychain password and then click OK.
Result: The computer is successfully paired with the mobile device.
Qualifying a computer for auto-connection
When a computer is enabled for auto-connection, the mobile device detects that computer when you are in the Bluetooth range and then displays a PIN screen for authentication.
Note:
- You can only qualify one computer for auto-connection.
- If the computer is not qualified for auto-connection, the computer must be manually paired with the mobile device.
Follow these steps to qualify a computer for auto-connection
Prerequisite:
- The computer must be paired with the mobile device.
To select a device for auto connection,
- Navigate to Devices and then tap Connect Automatically. Result: The list of paired computers is displayed.
- Tap Enable Auto-Connect and then select a device that you want to qualify for auto-connection.
Result: The selected device is successfully qualified for auto-connection.
When the computer is connected to the mobile device with the embedded credentials, the PIN screen is displayed for authentication.
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSXX","label":"IBM MaaS360"},"Component":"MaaS360 for iOS","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
13 May 2019
UID
ibm10883840