FAQ of SSO1 (gControl) for Google Apps

Yes, SSO1 (gControl) does save passwords using SHA 1 encryption method. CloudCodes is SOC2-Type I certified. It is also going through SOC2 Type-II and CCM compliance. We stored users password with the same algorithm thats used by Google. As part of our standard security policies are in place to provide access to internal employee of CloudCodes

Based on authentication mode chosen the mechanism differs.

  1. Google Apps, it uses standard api of Google SDK.
  2. Active Directory, it uses LDAP apis to connect.
  3. Azure Active Directory, it uses Azure AD apis.

No, SSO1 (gControl) doesn't require any additional hardware. It is a cloud based solution for business and is downloadable from Google marketplace .

In case of AD feature we do require a machine acting as a bridge between SSO1 (gControl) and AD.

No, SSO1 (gControl) doesn't have any dependencies on any third party software. But certain features requires browser extension to be installed.

Yes. There is dependency on Adobe AIR and JAVA JDK 1.7 (Ubuntu) for device agent. Also since we use crossrider platform for extensions, all crossrider links must be open in the customer network.

Does SSO1 (gControl) requires browser extension for all features?

No, SSO1 (gControl) requires browser extension for the following features

  • Idle Session Timeout
  • Consumer gmail block
  • 3rd party app restriction
  • Rights Management for email
  • Domain whitelisting

The following browsers are supported by SSO1 (gControl)

  1. Chrome- version 30 & above
  2. Firefox- version 26 & above
  3. Internet Explorer- version 11 & above
  4. Safari

Yes, rights management for email is only supported for Chrome browser.

Yes, SSO1 (gControl) provides true single sign on support for Active Directory i.e. if a user login to their desktop using AD credentials and then they try to access Google Apps through browser then they don't need to provide their credentials again.

It is a Cloud based Solutions for business

No, SSO1 (gControl) control access to Google Apps on browser only.

No, SSO1 (gControl) overrides the default 2FA (2- Step Verification). 2FA can be provided by buying plans for SMS provider such as plivo. SSO1 (gControl) also supports integration with Google Authenticator.

No. device restriction feature does not work on Chromebook Notebook.

NO.SSO1 (gControl) is an web-based SSO solution.Therefore it does not work for IMAP and POP3.

Yes. With Device Restriction policy in SSO1 (gControl),it is possible to restrict the user to login only from a specific device which is saved along with the user's mail id

Device Restriction policy works only on Laptops and PCs.It does not work on mobiles and tabs.

No. Private IP addresses can not be used in IP restriction policy.IP restriction policy must be set up with Public IP or Proxy IP of the organization.

Go to SSO1 (gControl) Dashboard → Click on Custom Login page link from QuickLinks → Click on SAVE button.

Yes.Instead of admin,User can reset his own password with Forgot Password feature in SSO1 (gControl).

Go to Custom Login Page from Quick links.Click on SAVE button.

Step 1:

Click on Advance Settings from Quicklinks →  Click on Extension Settings →  Find For TYPE: →  Select Admin Managed →  Click on SAVE.

Step 2:

Go to Google Apps Admin Panel,

Click on → More Google AppsChrome ManagementUser Settings →  Preinstalled Apps →  Manage Pre-installed apps →  Click on Chrome Web Store →  Type in search box CloudCodes SSO1 (gControl) →  Click on ADD →   Click on SAVE to save the settings.

This is because the newly moved users  have not got synced. In order to sync the users manually,Click on Advanced Settings  →  Click on Setup User Sync →  Click on  SYNC NOW.

Administrator will be notified by sending an email after completion of Sync process.

Any Google page like Google Drive, Google Calendar or Portal of your organization created with Google Sites portal can be set as a landing page.

→ Users are only authenticated through Active Directory. User's passwords in Active Directory are not saved with SSO1 (gControl). We do have an option of syncing passwords. we do the sync at the login time unlike the GAPS tool which does the sync only when the User changes his password in AD.

→ Emails of users are stored in the encrypted format. Method used for encryption is AES. Data(Emails) are stored on App Engine and not on any local server.

CloudCodes provides Cloud based Solutions for Business.

→ Agreement  feature enables administrator to enforce the terms and conditions of the organization on users.

Landing Broadcast feature is configured in order to inform users about certain changes or display notices/updates.

The message in agreement policy is displayed only once as repetition option is not given in the policy whereas message in landing page policy can be showed on every login or only once.

Users with Windows mobile phone can use Microsoft Authenticator for 2-factor authentication.