FAQ

Service Basics

What kind of solution is SHIELD ID?

info

Core
Centralized management of organizational accounts and authentication.**Zero Trust-based IdP (Identity Provider)**This is a solution.

SHIELD ID provides the following features:

Simultaneously supports cloud and on-premises environments.
SSO (Single Sign-On), MFA (Multi-Factor Authentication), Provisioning, Account Lifecycle Management

What should be prepared before introducing SHIELD ID?

The main preparations are as follows:

Preparation Items	Description
Securing Administrator Privileges	Administrator account required for the linked target system.
Network and Firewall Configuration	Procedures for Secure Communication
Establishing an authentication policy	Conditional Access Policy, MFA Configuration

Authentication Method

What authentication methods does SHIELD ID support?

SHIELD ID basically supports the following authentication methods.

Security365 Certification

**Use your Security365 ID and your own password.**This is an authentication method.

Used when a manually registered user logs in.
Password reset available if needed.

CSP Certification (Cloud Service Provider)

**Cloud service accounts already in use by organizations such as Microsoft365, Google, etc.**This is the method for logging in.

danger

ID registered with Security365 and CSP account**The ID must match.**Authentication is possible.

How are account and password policies managed?

Administrators can set policies such as password length, combination rules, change frequency, and reuse prohibition through the Security365 management center console.

Policy item	Setting Range
Minimum length	8 ~ 13 characters
Change Cycle	30 ~ 180 days
Automatic Logout	Unused time (1 ~ 12 hours) 기준
Multi-access control	Automatically terminate existing sessions when accessing from a different IP with the same account.

사용자는 로그인 시 자신의 마지막 접속 기록(IP, 시간)을 확인할 수 있어 보안 인지를 높일 수 있습니다.

HR Integration

Can I check the user group path on the log page after the HR integration?

SHIELD ID integrates with Microsoft Entra ID or SCI Server,**A feature that allows users to check their affiliated group path on the log page.**provides.

Through this, administrators can intuitively understand the user's organizational location (department, team, etc.) during log analysis.

Where can I check the synchronized group path?

log page'sDepartment columnYou can check it at __PH_0__.

Search Function:
You can also search logs based on the user's group path.

For example: The group affiliation path of Hong Gil-dong is __PH_0__.소프트캠프/영업부문/영업1팀in case

소프트캠프, 영업부문, 영업1팀No matter what you search for, Hong Gil-dong's logs are retrieved.

Is any action required for group path synchronization?

After changing the integration settings, the first timeOne-time manual synchronizationis required.

warning

The group path information will be reflected in the logs only after synchronization is complete.

What should be noted when setting up group paths?

Setting the Reference GroupIf the reference group is set incorrectly, some users' group paths may not be visible.
Microsoft Group SyncIn the specified group synchronization, user data outside of the selected group is not included.
SCI ServerThe top-level group is automatically set, so no separate selection is required.

Passwordless

Which browsers support passwordless FIDO2 authentication for registration?

**Registration is recommended using the Microsoft Edge browser.**It is done.

warning

When using the Chrome browser
When registering in the Chrome browser, there are cases where it gets saved in Google Password Manager and cannot be used during the SHIELD ID authentication process.

What should I do if I have lost my authentication device or cannot use it?

on the login screen다른 방법으로 로그인You can log in using the password method by clicking __PH_0__.

추후 기기 재설정(초기화) 기능은 업데이트를 통해 제공될 예정입니다.

The passwordless registration window appears every time. Why is that?

If you have not registered an authentication device yet, a window will appear after logging in to check whether to register for Passwordless each time.

Solution:
오늘 하루 보지 않기By checking this, the corresponding popup can be hidden for one day.

I keep failing at passwordless authentication. What should I do?

Try the following steps:

Retry according to the provided instructions.
다른 방법으로 로그인Click to change the authentication method and attempt authentication.
Check if the authentication device is properly connected and active.

Does passwordless authentication support mobile environments?

It is possible, but there may be some limitations depending on browser compatibility (Safari, Chrome, etc.).

Service Basics​

What kind of solution is SHIELD ID?​

What should be prepared before introducing SHIELD ID?​

Authentication Method​

What authentication methods does SHIELD ID support?​

How are account and password policies managed?​

HR Integration​

Can I check the user group path on the log page after the HR integration?​

Where can I check the synchronized group path?​

Is any action required for group path synchronization?​

What should be noted when setting up group paths?​

Passwordless​

Which browsers support passwordless FIDO2 authentication for registration?​

What should I do if I have lost my authentication device or cannot use it?​

The passwordless registration window appears every time. Why is that?​

I keep failing at passwordless authentication. What should I do?​

Does passwordless authentication support mobile environments?​