Admin Approved Devices
Foldr server update 18.104.22.168 introduces a new security feature called Device Approval. This allows an administrator to only allow access to Foldr from an authorised device. Device approval can be enabled for each app individually as required and there is an option to automatically approve devices if they connect from a particular network range (IP address or subnet). When a particular client type has device approval enabled, this will apply to all users.
At the time of publishing this article, the Foldr appliance offers the backend option for all client types, however only the Foldr web app supports device control. Mobile and desktop apps require an update to support this feature. Individual updates for the macOS, iOS, Windows and Android Foldr apps will be made available during Q1 2019 to support device control.
This KB article will be updated periodically to confirm platform compatibility with this feature.
Enabling Device Approval
Within Foldr Settings >> Devices & Clients there is a switch labelled ‘ Require Device Approval’ under each app tab. Example below shown for the web app (accessible under the ‘Web & Other’ tab)
If the device approval option is enabled, when a user next signs into the web app they will be prompted with a dialog showing that their device is not approved (in this case, the browser on this particular workstation).
The user, clicks OK and will be dropped back to the web app sign in screen.
To allow the user to use the web app in this example, the administrator needs to approve the device.
1. Sign into Foldr Settings >> Devices & Clients >> Connected Devices and locate the device in question. The administrator may export the devices list to search for a particular username. The search filter option will be improved in a future update to allow searching by the users unique identifier.
2. Click the in-line ellipsis button (shown during mouse over). Click View.
3. Click View
4. The display summary for the device and any pending approvals will be shown. If multiple users have tried to sign in on this device they will be listed here. To approve the user ‘Grace’ on this device, click the in-line ellipsis button.
5. Click Approve
6. Click Yes, Approve in the confirmation dialog.
Grace will now be able to sign into the Foldr web app on her Windows 10 machine. Any other user that attempts to sign in on the Windows computer using Chrome will be refused access and shown the approval dialog containing their unique approval request code.
Note that the Approved column has updated to display a tick and the pending approvals column has changed zero.
Automatic Device Approval
The administrator is able to configure specific IP addresses or subnets where the appliance will automatically approve any devices if they connect from that address / range. This could be useful to automatically approve mobile devices connected to corporate wifi connection or an IT lab.
Automatic Approvals can be configured within Foldr Settings >> Devices & Clients >> Device Approval
In the example above, users of the Active Directory group ‘Marketing will have their devices automatically approved providing they are connecting from the local network subnet 192.168.1.0 – To automatically approve all users on the subnet, use the built in ‘Foldr Users’ group.