Single Sign On with Mobile IAM

Easily Access Mobile Apps and Intranet Sites with Single Sign On

Good Dynamics supports single sign-on (SSO) authentication, making it easy for users to login once to get access to all containerized apps on the device as well as behind-the-firewall enterprise resources without having to enter additional corporate credentials. Good uniquely supports this through the use of Kerberos Constrained Delegation to the mobile application. KCD can be used in lieu of users being required to enter their complex Enterprise credentials. This mitigates a potential risk of having the Enterprise credentials compromised off the mobile device.

Easily Manage and Use a Variety of Second Factor Authenticators

The Good Trusted Authentication Framework (TAF), built into the Good Dynamics platform, makes mobile IAM with second factors easy. Seamlessly extend support for an array of second factor technologies that span smart cards, OTP, biometrics, tokens, and more. Administrators can choose from innovative strong-authentication partner solutions for any Good-secured app, whether developed by Good, an ISV or custom built. Administrators simply select the authentication provider in the policy set for that user group and that’s it—the Good-secured apps follow the defined policy. With the plug-n-play simplicity of Good TAF, administrators can even assign different authenticators for different user groups, such as biometrics for a portion of their internal users and smart cards for another portion.

Second Factor Authentication with Mobile IAM
Fast Access to Apps with Mobile IAM

Provide Users with Fast Access to Apps

As part of the Trusted Authentication Framework (TAF), Good recently announced support for iOS Touch ID based authentication. Good’s implementation of Touch ID enables quick and easy application level access on iOS devices without compromising Good’s approach to container security.

Easily Embed RSA Soft Token Generation

Increasingly, organizations are using smart phones as a trust factor for mobile identity and access management. And many use RSA soft tokens to generate a one time password (OTP). End users now can seamlessly gain access to RSA SecurID Soft Tokens from Good Launcher within Good Work, Good Access, Good Connect and Good for Salesforce1.

Soft Token- Mobile IAM
Setup-Up Authentication with Mobile IAM

Enable Step-Up Authentication as Well as Contextual Access Control

Context may be an important factor in determining a user’s authentication scheme as well as access to specific apps and content. As an example, a salesperson might have access to CRM anywhere while on his mobile device, however, access to the order processing system might be restricted in certain locations. With Good Dynamics mobile IAM, administrators can choose to dynamically force step-up authentication or restrict access by utilizing location and proximity with partners such as AirPatrol. AirPatrol allows systems administrators to create “hot zones” that can change the features, apps and content available in Good-secured apps when it enters that zone. Hot zones can be as large as an entire building or as small as an office cubicle.


Automate and Ensure De-Authentication of Apps and Users

Removing users and ensuring they no longer have access to corporate applications is a key part of the mobile application management lifecycle. Administrators can easily remove a user and their access to all corporate apps through their console. Access to all apps is immediately removed whether the user is using them or not.

Easy Deauthorization with Mobile IAM