Company logoHelp Center
Visit www.threatlocker.com

ThreatLocker Access App and Devices Page

5 min. readlast update: 12.12.2024

Feature Coming Soon!

Using the ThreatLocker Access mobile application, you can control access to M365 resources from mobile devices using Conditional Access policies.

Adding Devices and Inviting End Users to Install the ThreatLocker Access App

From the ThreatLocker portal, navigate to the Computers page > Access tab. From here, single users can be invited or they can be invited in bulk. 

Much like Computers, Access Devices will require a ThreatLocker Group to belong to. They can be added to existing computer groups, or separate groups can be created for devices. For ease of management, we recommend creating a separate group or groups for Access Devices.

Adding a Single Device

Select the "New Device" button at the top of the page.

  1. In the sidebar, select the Group the device will be a member of. 
  2. Select to either send a link to download and install the Access app via SMS or Email.
  3. Depending on the selection above, fill in the required field of email address or phone number.
  4. Input custom installation instructions, or leave the default text shown above.
  5. Select the "Save" button to save the device without sending an invitation, or the "Save & Send by" button to save and immediately send the end user an invitation.

The device will be added to the Access page grid. 

The end user will receive either an SMS or an email that contains the installation instructions and a hyperlink to download the Access app from the correct app store, depending on the OS of the mobile device.

Once they install the app, it will begin checking into the portal. The portal will display which permissions the end user has granted to the app. If the user grants the app no permissions, the app will need to be open and in the foreground in order to check into the portal, updating its IP address.

  • Push - If not enabled, device cannot receive push notifications from ThreatLocker, including "Force Check-In"
  • Geolocation - If disabled on iOS, the device will be unable to check in if the app is terminated
  • Motion - Not required to be enabled, but it will greatly improve battery life if enabled  

 

Bulk Importing Devices

Select the hamburger menu and then click "Bulk Import Devices".

Next, select the group that the devices will be imported in to.

The "Installation Instructions" section is prefilled with default instructions. However, any text you insert here will be save and become the default instructions for this organization, being used in the sidebar and this window.

Then, select the "Start Import" button.

A window will open where you can upload a .csv, .tsv, .xls, .xlsx, .xml, or .txt file that contains phone numbers and/or email addresses.  

Once imported, the devices will be listed on the Access page. Select the checkbox at the top of the page to select all the devices on the page.  

Then select the "Send Installation and Activation Message" button to send the installation instructions and link to download the app.

Access Page

  1. Filter by OS type:
    1. All
    2. Android
    3. iOS
  2. Search by email or phone number, or partial matches
  3. Select to include the Access devices for child organizations

The main grid contains the following columns:

  1. Multiselect checkbox
  2. Phone Number - displays phone numbers that have been imported
  3. Email Address - displays email addresses that have been imported
  4. OS - displays the OS type as reported by the device
  5. Group - displays the group the device belongs to
  6. Last Check-In - displays the last date/time the device checked in to the portal along with the IP address it checked in with
  7. Push Enabled - displays an indicator of whether the end user enabled push notifications in the app
  8. Geolocation Enabled - displays an indicator of whether the end user enabled geolocation in the app
  9. Motion Enabled - displays an indicator of whether the end user enabled motion in the app
  10. Force Check-In - contains a button to force the subject device to check in to the portal (must have push notifications enabled)
  11. Delete - delete a device from the ThreatLocker portal - does not remove the app from the device

Multiselect Functions

  1. Send install instructions to the selected devices
  2. Force the selected devices to check in to the portal - requires push notification enabled
  3. Delete the selected devices
  4. Cancels the multiselect and clears all selected checkboxes

Once installed, the app will check in to the ThreatLocker portal every minute, keeping its IP address up to date.

The check in history of the device can be viewed by selecting the device from the main grid, opening the sidebar, and selecting the "Check-ins" tab. In the below example, the device does not have geolocation enabled.

ThreatLocker Access App

The ThreatLocker Access App is a lightweight application used to collect the current IP address of the device it is installed on and sends the IP address to the ThreatLocker portal.

The Access App will display the Date, Time, Operating System, IP address, Latitude, and Longitude of the device (Latitude and Longitude are only present when geolocation is enabled.

 

For assistance with the ThreatLocker Access App or the Access Devices page, reach out the the Cyber Hero Support Team.

Was this article helpful?