Single Sign On with Mobile IAM

Easily Access Mobile Apps and Intranet Sites with Single Sign On

Good Dynamics supports single sign-on (SSO) authentication, making it easy for users to login once to get access to all containerized apps on the device as well as behind-the-firewall enterprise resources without having to enter additional corporate credentials. Good uniquely supports this through the use of Kerberos Constrained Delegation to the mobile application. KCD can be used in lieu of users being required to enter their complex Enterprise credentials. This mitigates a potential risk of having the Enterprise credentials compromised off the mobile device.

Easily Manage and Use a Variety of Second Factor Authenticators

The Good Trusted Authentication Framework (TAF), built into the Good Dynamics platform, seamlessly extends support for an array of second factor technologies that span smart cards, OTP, biometrics, tokens, and more. Administrators can choose from innovative strong-authentication partner solutions for any Good-secured app, whether developed by Good, an ISV or custom built. Administrators simply select the authentication provider in the policy set for that user group and that’s it—the Good-secured apps follow the defined policy. With the plug-n-play simplicity of Good TAF, administrators can even assign different authenticators for different user groups, such as biometrics for a portion of their internal users and smart cards for another portion.

Second Factor Authentication with Mobile IAM
Fast Access to Apps with Mobile IAM

Provide Users with Fast Access to Apps

As part of the Trusted Authentication Framework (TAF), Good recently announced support for iOS Touch ID based authentication. Good’s implementation of Touch ID enables quick and easy application level access on iOS devices without compromising Good’s approach to container security.

Enable Step-Up Authentication as Well as Contextual Access Control

Context may be an important factor in determining a user’s authentication scheme as well as access to specific apps and content. As an example, a salesperson might have access to CRM anywhere while on his mobile device, however, access to the order processing system might be restricted in certain locations. Good Dynamics allows administrators to choose to dynamically force step-up authentication or restrict access by utilizing location and proximity with partners such as AirPatrol. AirPatrol allows systems administrators to create “hot zones” that can change the features, apps and content available in Good-secured apps when it enters that zone. Hot zones can be as large as an entire building or as small as an office cubicle.

Setup-Up Authentication with Mobile IAM
Easy Deauthorization with Mobile IAM

Automate and Ensure De-Authentication of Apps and Users

Removing users and ensuring they no longer have access to corporate applications is a key part of the mobile application management lifecycle. Administrators can easily remove a user and their access to all corporate apps through their console. Access to all apps is immediately removed whether the user is using them or not.