Allow List Devices with MobileIron
Skyhigh CASB for Sanctioned IT users, who also use the MobileIron Mobile Device Management (MDM) platform, can add another level of security to the Certificate Checking process by adding an Allow List of approved devices that are allowed to connect to the Skyhigh CASB Secure Proxy. Even if a device acquires a valid certificate, without prior approval for the device’s ID, it is unable to connect to the proxy.
To set up MobileIron MDM:
- Create a root certificate in MobileIron MDM and save it as a text file.
- Log into Skyhigh CASB and follow the steps for Certificate Checking above to upload your certificate into the Skyhigh CASB Secure Proxy.
- Sign into MobileIron MDM and add your list of approved users and email addresses to the MobileIron system.
- Your administrator sends a request by email or text message to your users to register their device through MobileIron MDM. When they do so, they are provided the device certificate and their device ID is recorded.
- Only devices that have registered through MobileIron MDM and that contain the certificate can connect to the Skyhigh CASB Secure Proxy.