v3.6.2

How to create and set Device Access Profiles

Hideez Enterprise Solution Administration

The administrator can configure separate access settings for each Hideez Key. Access settings can only be set via HES. Settings are grouped into profiles. The first profile - Default - is created during the installation of HES, the administrator adds the rest. Read about Default Profile settings.

To configure profiles, go to Settings > Vault Access Profiles.

You can edit an existing profile, create a new one, and delete it.

Do not forget to set the desired profile to the Hideez Key.

Edit an existing profile

Step 1

To edit an existing one, you need to select a profile by clicking on it and then click Edit.

Step 2

Make all needed changes and click Save. Read about Profile Settings.

Create a new profile

Step 1

To create a new one, click the Create Profile.

Step 2

Make all needed settings and click Create. Read about Profile Settings.

Delete profile

Step 1

To delete an existing one, you need to select a profile by clicking on it and then click Delete.

Step 2

Approve action by clicking Delete.

You can delete Profiles which are not in use by Hardware Vaults. Otherwise, you need to first assign other profiles to the hardware vaults.

Set a profile for the device

For the created profile to work, it must be assigned to the device.

Set a profile for a device

When an administrator changes profile settings, remote tasks are created to change these settings on each affected device. These tasks will be completed as soon as the device is connected.

Profile settings explanation

Bonding - the first connection of the device to the workstation (Bluetooth pairing).

Connection - reconnect to the workstation (restore communication with the device after disconnecting the device in the application or after locking the workstation).

New channel - opening an additional encryption channel (every time you want to use the credentials stored in the device’s memory, access to the storage on the device is requested).

For each of the three events (Bonding, Connection, New channel), three types of confirmation are possible to enable this event: pressing a button on the device, entering the PIN code, server authorization.

Note! The installed Server Confirmation / Connection checkbox will not allow you to unlock your computer without connecting to the server.

PIN expiration timeout - time after which PIN re-entry will be requested (1 minute - 48 hours).

PIN length - PIN code length (4 - 8 characters).

PIN incorrect entry - number of unsuccessful PIN attempts (3 -10 attempts).

Default Profile Settings

By default, all Employees have Default Profile with such parameters:

  • For the bonding (first connection to the PC) Employee should press the button and enter PIN code. Also, HES should be available.

  • Every 24 hours Employee should enter the PIN code.

  • PIN code length - 4 digits.

  • 5 attempts for entering PIN code.

Last updated