Users
Welcome to XFA, a platform designed to enhance your organization's security by ensuring devices meet compliance standards during SSO authentication. This guide provides an overview of what XFA is, how it works, and why your company benefits from using it.
What is XFA?
XFA is a security tool that ensures your computer meets your company’s security requirements.
XFA checks your computer for things like:
- Your operating system and internet browser are up-to-date
- Your malware protection software is working properly
- Your device encryption is on
- ...
If your device fails one of these checks, then XFA will prevent you from signing in to your work apps until you have fixed the problem. But don’t worry, we’ll give you plenty of warning, and always help you get unblocked.
How Will I Use XFA?
There are a few ways you’ll interact with XFA: during your SSO sign-in, through our native app, or through our mobile app.
XFA during SSO authentication
When your computer is in good shape, XFA doesn’t get in the way. You may see a brief moment while it checks your device for issues during the SSO sign-in process, but that’s it.
Sometimes XFA will find a problem and ask you to fix it before letting you sign in. Here’s an example of what that looks like.
After XFA is rolled out, you may need to fix a few things at first, but then you probably won’t hear from us again until it’s time to install a security update.
If you haven’t fixed an issue but you urgently need to authenticate, you can also skip the device check.
However, your IT team may disable this feature for particularly urgent issues.
Why Does My Company Use XFA?
Most organizations have legal and contractual obligations to protect sensitive data and practice good security. This obligation includes keeping employee devices secure. However, there are many device security products that block employees from signing into work apps without explaining why and force you to contact the IT Help Desk each time you are blocked.
Your company chose XFA because:
- We inform you something is wrong before your computer gets blocked
- We provide well-written instructions on how to fix most problems
- We offer options to ask for exemptions and extra time
In other words, your company chose XFA because they care about your experience, and they want to run a security program that is effective but minimally disruptive.
What does XFA check for?
XFA checks your computer for compliance and security issues. Your company can customize what XFA checks for. It’s things like:
- Encryption Status: Ensures data stored on the device is encrypted.
- Auto-Update Settings: Verifies that the device automatically applies software updates.
- Antivirus Protection: Confirms the presence of endpoint protection software.
- Password Manager Usage: Checks if a secure password manager is in use.
- Screen Lock: Ensures devices have active screen lock settings.
- Browser Version: Validates that browsers are up-to-date.
- Operating System Version: Verifies that the OS is current.
What About Privacy?
At XFA, user privacy is a top priority. Here’s how we ensure it:
- Minimal Data Collection: Only essential device information is collected to assess compliance.
- Transparency: Users can view what data is being collected and why.
- Secure Storage: All data is encrypted and stored securely.
- No Tracking: XFA does not monitor user activity or access personal files.
Your company’s security and your personal privacy can coexist with XFA.
Getting Started�
To start using XFA:
- Log in via your SSO Provider: Use your existing credentials to access your company’s systems.
- Enroll Your Device: Follow the prompts to ensure your device is compliant.
- Stay Secure: Regularly update your device to maintain compliance and avoid interruptions.
By integrating XFA into your authentication flow, your company can proactively protect its systems while maintaining user trust and privacy.