Download BYOD Guidelines India - Detailed

BYOD GUIDELINES
Oracle IT
Personally-owned computers or Bring Your Own Device (BYOD) can be used for Oracle business
only if it is compliant with the Desktop and Laptop Security Policy. Employees must also adhere to
Oracle Acceptable Use Policy for Systems & Resources.
This guide applies to Windows 10 and MAC Operating Systems only. Windows 7 systems are no
longer allowed to connect to Oracle network or supported.
IMPORTANT
Please read and understand the following before proceeding with configuring your personal
computer:
1. To prevent unintended data-loss, personal and other important data must be backed up to an
external hard drive before configuring a personally-owned computer for Oracle business.
It is the responsibility of the employees to ensure data is properly backed up.
2. To protect Oracle data, personally-owned computers must
a. have an anti-malware installed, configured, enabled and updated (McAfee Endpoint
Security)
b. be encrypted using Oracle Corporate standard encryption software (McAfee Drive
Encryption)
3. OIT provides best effort support for personally-owned computers.
GETTING HELP
•
New employees can call Oracle IT - Global Service Desk for assistance. A dedicated phone
support service is available for new employees on their IT issues during their first 45 days in
Oracle.
Primary Number:
Secondary Number:
Tertiary Number:
•
+91 80 4107 1155
+65 6501 2232
+1 512 501 7291
Other Support Channels:
Slack:
MyHelp:
ITWeb:
#help-it-services
myhelp.oracle.com
itweb.oracle.com
Confidential – Oracle Internal
REQUIREMENTS
Hardware
1. The performance of a personal computer depends on various factors such as its hardware
specifications, installed software, age, etc.
2. Minimum recommended specification:
a. Intel Core i5 or faster processor (Oracle standard is Intel Core i7)
b. 8GB RAM (Oracle standard is 16GB RAM)
c. 128GB SSD or 500GB spindle drive (Oracle standard is 256GB SSD)
Operating System
Windows 10 (genuine version) OR macOS (Catalina 10.15, Mojave 10.14 or High Sierra 10.13)
Accounts
1. Oracle SSO (Single Sign On) credentials
Hiring managers will share the Oracle SSO credentials with their new hires. SSO password can
be reset through the Self-Service Password Reset Tool as detailed below.
2. Oracle Network Access (VPN) account. VPN account is auto requested but managers should
approve VPN account request of direct report prior to start date.
Manager should also request for entitlement in OIM based on the employee type:
VPN Entitlement for Employees is “VPN for Employees”
VPN Entitlement for Billable Contractors is “VPN for Billable Contractors”
VPN Entitlement for Non-Billable Contractors is “VPN for Non-Billable Contractors”
3. 2FA Setup on Mobile Phone
Confidential – Oracle Internal
CONFIGURATION
1. Set up 2FA on mobile phone and install Oracle Mobile Authenticator.
2. For Managers: Update or enter mobile number of Direct Report in OIM (Oracle Identity
Management).
Make sure to set up OMA or you have updated mobile number in OIM to receive a 2FA code
before proceeding to the next steps.
3. Reset Oracle VPN password via Self-Service Network Access Account Password Reset Tool.
4. Reset SSO Password via Self-Service SSO Password Reset Tool.
5. Download and install Cisco AnyConnect from vsupport.oracle.com.
6. Download and install MyDesktop client from vsupport.oracle.com.
7. Configure browser proxy settings. (IE, Firefox, Safari)
8. Go to MyDesktop and register the device as Personal.
This request will require manager's approval. After approval you will be sent an email with a
link to the Risk Health Check page. Install all required software (including McAfee Endpoint
Security and McAfee Drive Encryption)
Please note that all Oracle software and data must be removed when the device is retired from
MyDesktop.
9. Install Microsoft Office. (Office 365 for Windows, Office 365 for Mac)
10. Configure Oracle email. (Outlook for Windows, Outlook for Mac)
Oracle webmail is also accessible at https://stbeehive.oracle.com/zimbra Use your Oracle SSO
credentials to log-in.
11. Other applications such as Slack, Jabber, Zoom, etc. if needed can be downloaded from
MyDesktop.
Confidential – Oracle Internal
How to enable two-factor authentication
Oracle Identity Management uses two-factor authentication (2FA) for several external-facing Oracle
applications including Zimbra, as part of an ongoing and constantly evolving security model to
protect Oracle, and employee confidential information. 2FA is a security process that requires you
to provide 2 means of identification.
You will need to register a device with Oracle Mobile Authenticator for 2FA in order to access
externally-facing Oracle applications.
Apple iOS:
1. Download the Oracle Mobile Authenticator (OMA) application from the App Store.
2. Launch the application and accept the End User License Agreement.
3. Select Allow to receive notifications.
4. Tap Add Account.
5. Tap OK to allow OMA to access your camera.
6. Scan the QR code below:
7. Enter your SSO login credentials and tap Sign In.
A screen displays with a One Time Pin (OTP) that you provide when you login to any 2-Factor
protected application.
Confidential – Oracle Internal
Android:
1. Download Oracle Mobile Authenticator (OMA) from the Android app store.
2. Launch the application and accept the End User License Agreement.
3. Tap Add Account.
4. Tap Allow to allow OMA to access your camera.
5. Scan the QR code below:
6. Tap Allow to allow Authenticator to make and manage phone calls.
7. Scan the QR code again.
8. Enter your SSO login credentials and tap Sign In.
A screen displays with a One Time Pin (OTP) that you provide when you login to any 2-Factor
protected application.
Confidential – Oracle Internal
Manager update mobile number for directs in Oracle Identity
Management (OIM)
Summary
This article describes how a manager for directs can update a mobile number in Oracle
Identity Management (OIM), so they can receive SMS messages for two-factor
authentication (2FA).
Details
Managers can add or update a mobile number for their directs by following these steps:
1. Login to OIM (On VPN or corporate Intranet).
2. Click My Information.
3. Scroll down to Direct Reports > select the direct whose phone number needs to be
updated.
4. Click Change Phone Number.
5. Enter the employee's mobile number and justification.
6. Click Preview.
7. Verify the old and new phone numbers > click Confirm if they are correct.
Confidential – Oracle Internal
How to reset password for Network Access Account (includes
VPN access) when you are not connected to Oracle network
Summary
If your Network Access Account password is temporary, expired or unknown and you are
not connected to Oracle network, you can reset the password via the Self-Service Network
Access Account Password Reset Tool.
Details
Before resetting, make sure you have Oracle Two Factor Authentication (2FA) configured.
1. Login to vsupport.oracle.com.
2. Enter the code you received via Oracle Mobile Authenticator (OMA) or SMS text
message.
If you did not get a code:
• OMA: See OMA Setup on Mobile Devices
• SMS: See 2FA SMS Triage and Troubleshooting
3. Click Reset your Network Access Account password.
4. Enter a new password.
5. Re-enter your new password.
6. Click Submit.
Confidential – Oracle Internal
How to reset your SSO password
Summary
You can reset your Single Sign-On (SSO) password via Self-Service SSO Password Reset
Tool.
Details
Before resetting, make sure you have updated your mobile number in OIM to receive a
2FA code via SMS messages.
Go to https://vsupport.oracle.com/ssopasswordreset
1. Enter the requested credentials.
2. Click Submit.
3. Enter the code you received via SMS text message.
If you did not get an SMS code, see 2FA SMS Triage and Troubleshooting.
4. Click Continue.
5. Enter your email address.
6. Enter a new SSO password.
7. Re-enter your new SSO password.
8. Click Submit.
Confidential – Oracle Internal
How to install Cisco AnyConnect Secure Mobility Client (VPN
Client)
Summary
Login Information:
• The USERNAME consists of your GUID_cc. Examples: jdoes_us, jcruz_in.
• If you do not know your GUID, you can find it in Aria People Search.
• cc is your country code.
• The PASSWORD is the one for your Network Access Account (includes VPN access).
If you are unsure of your Network Access Account password, see how to reset it if you
are:
• Connected to Oracle network.
• Off the Oracle network – with two-factor authentication.
Details
To download and install the Cisco AnyConnect Secure Mobility Client outside the Oracle
Network (on any computer):
Option A: Browser Direct Install:
1. Launch your browser and enter https://myaccess.oraclevpn.com
2. Enter your Network Access Account username and password.
3. Click on Start AnyConnect to install the Cisco AnyConnect Secure Mobility Client.
Wait for the session to be established.
4. After installation and initial connectivity, you will see a small icon on the system tray
indicating connectivity.
Option B: Oracle IT External Tools site (needs two-factor authentication when off the
Oracle network):
1. Launch your browser and enter https://vsupport.oracle.com
2. Select the Downloads option.
3. Select the Cisco AnyConnect version based on your operating system to download.
4. Run the download file to install.
Confidential – Oracle Internal
How to install MyDesktop Client
What is MyDesktop?
•
MyDesktop is Oracle's personal desktop management service for employees.
Is MyDesktop required?
•
•
•
•
Yes. It is mandatory for all personal computers connecting to Oracle.
Removing or disabling MyDesktop is against Oracle's Acceptable Use Policy.
For details, see the Desktop Security and MyDesktop policies.
Employees MUST comply with the license terms for any non-Oracle-managed software
installed under the Copyright Compliance & Acceptable Use Policy.
How does MyDesktop help me?
•
•
•
•
•
•
•
•
Helps you install or upgrade any software on your machine.
Keeps hardware details and software licenses assigned to you.
Shows actions to be taken such as pending security updates.
Delivers important software automatically.
One page for all your PC requirements.
Warns if there is little disk space.
Warns about risk from viruses.
Recommends software.
What does MyDesktop collect?
•
•
•
•
Operating system version.
Some hardware details for support.
The employee assigned to the computer.
Software licenses installed. See the full list of detected software here.
What does MyDesktop NOT collect?
•
•
•
•
Data files including Word, Excel and Powerpoint files.
Local email and calendar files.
Browser history, cache, cookies and bookmarks.
Software installed on a computer other than those detected by Oracle.
Confidential – Oracle Internal
What Licensed Software is available?
•
You can see the full list here. Check back often for new software.
Installation
1.
2.
3.
4.
Launch your browser and enter https://vsupport.oracle.com
Select the Downloads option.
Select the Oracle MyDesktop Client based on your operating system to download.
Run the download file to install.
Confidential – Oracle Internal
How to manually configure proxy settings
Summary
Automatic proxy (auto proxy) provides an automated process to ensure the browser is
correctly configured for the most appropriate route to the Internet.
Details
Set proxy settings (WPAD) for Internet Explorer:
1.
2.
3.
4.
5.
6.
7.
Open Control Panel
Click Internet Options.
Click Connections tab.
Click LAN Settings.
Use automatic configuration script: Check the box.
Address: Enter http://wpad/wpad.dat.
Click OK > OK.
Manually Set Automatic Proxy for Firefox:
1.
2.
3.
4.
5.
6.
7.
8.
9.
Launch Firefox
Click the Open menu icon at the top right corner of screen.
Click Options...
Scroll to the bottom of the page.
Under Network, click Settings...
Automatic proxy configuration URL: Click the radio button.
Enter http://wpad/wpad.dat.
Click Reload.
Click OK > OK.
System Configuration & Safari Proxy Settings
1.
2.
3.
4.
Disconnect from VPN
Top left corner: Click Apple Logo
Click System Preferences
Click Network
Confidential – Oracle Internal
5. Adapter: Select appropriate value
Either LAN or Wi-Fi
Click Advanced
Click Proxies
Select a protocol to configure: Check Automatic Proxy Configuration
URL: Enter http://wpad/wpad.dat
• Based on your location, you can optionally use
• http://wpad-amer.oraclecorp.com/wpad.dat
• http://wpad-apac.oraclecorp.com/wpad.dat
or
• http://wpad-emea.oraclecorp.com/wpad.dat
•
6.
7.
8.
9.
10. Click OK
11. Click Apply
12. Close System Preferences
Confidential – Oracle Internal
How to register personally owned computers in MyDesktop
Summary
•
•
•
Your machine will not get software pushes if you leave the company without retiring it.
It is disconnected from MyDesktop when you leave Oracle.
It is not reassigned within Oracle.
Details
To use the Register as Personal feature:
1. Go to MyDesktop accessible only when connected to Oracle network (office or VPN
connection)
2. Select Hardware > All Machines / Retire.
3. Find your machine.
4. Click on Register as Personal.
5. Click on Register.
Your manager will receive an email to approve the request.
Confidential – Oracle Internal
How to manually install McAfee Endpoint Security Package
Summary
Your McAfee Endpoint Security Suite includes:
1. McAfee Agent.
2. McAfee Data Exchange Layer (DXL).
3. McAfee Endpoint Security Platform.
4. McAfee Endpoint Security Threat Prevention.
5. McAfee Endpoint Security Adaptive Threat Prevention.
6. McAfee Endpoint Security Firewall.
7. McAfee Endpoint Security Web Control.
Your McAfee Endpoint Security Suite Installer enables installation, upgrade or
reinstallation of suite/individual products as needed.
Details
To download and install from Oracle Network (or if connected via VPN)
1. Navigate to MyDesktop > Software > All Software / Search.
2. Type endpoint security.
3. Click McAfee Endpoint Security > INSTALL NOW.
To download and install from outside Oracle Network
1. Navigate to vSupport > Software.
2. Download appropriate version of McAfee Endpoint Security.
3. Double click downloaded file and Install.
4. If all packages are installed, then click Exit.
If any package fails, then reboot the machine and retry.
5. Reboot your Computer.
Confidential – Oracle Internal
How to manually install McAfee Drive Encryption
Summary
McAfee Drive Encryption (MDE) protects a computer by encrypting all data on the hard drive. In the
event of theft or loss, unauthorized users will NOT be able to access the data on the computer. Some
of the McAfee Drive Encryption (MDE) features include:
•
•
•
•
Full Disk Encryption: Encrypts the entire disk sector by sector including system, temp &
deleted files
Encryption is user-transparent and automatic: No need for user intervention
Removable media (USB) encryption: Protects sensitive information copied to removable
media by encrypting devices such as USB connected external drive or memory stick
Exceptions: CDs/DVDs & floppy disks
Self Service Recovery Utility: Provides access to machine if user is locked out.
Details
Prerequisites
1.
2.
3.
4.
5.
6.
7.
8.
9.
Microsoft Windows 10.x (32-bit/64-bit)
Data is fully backed up
Install latest BIOS
Uninstall legacy data encryption application if installed
a. BitLocker
b. TrueCrypt
c. Credant
d. Check Point (Pointsec)
e. Symantec Encryption Desktop (PGP)
Wired or wireless connection to Oracle network
Disable wireless adapter when using wired connection
VPN connection supported when working from non-Oracle location
Reconnect to VPN immediately after each reboot during installation
McAfee Drive Encryption (MDE) does not support dual boot installations
Login Format
•
•
User name: GUID
o GUID unknown, check Aria People Search
Password: McAfee MDE password
Confidential – Oracle Internal
Installation
To download and install from Oracle Network (or if connected via VPN)
1. Navigate to MyDesktop > Software > All Software / Search.
2. Type McAfee Drive Encryption.
3. Click McAfee Drive Encryption > INSTALL NOW.
Confidential – Oracle Internal
How to install Microsoft Office on a Windows Computer
Summary
You will need to download and run an installation package from MyDesktop. The package
will automatically remove all previous versions of Microsoft Office plus install Outlook
Beehive Extension for Outlook (OBEO). It may take several minutes to download.
Details
1.
2.
3.
4.
Close all applications.
Go to MyDesktop.
Click on Licenses > Manage and Download.
Find Microsoft Office 20xx - English (U.S.) and click Download.
• Not found: Request Microsoft Office license via MyDesktop.
5. Follow prompts.
6. Click Finish to complete the installation.
The installation package is downloaded
to c:\ProgramData\Oracle\MyHolding\licensed\global\microsoft\office\win, where you
can run it manually if needed.
Confidential – Oracle Internal
How to install Microsoft Office 365 (O365) on a Windows
computer
Summary
You will need to download and run an installation package, then activate Microsoft Office
365 (O365). The package will automatically remove all previous versions of MS Office plus
install Outlook Beehive Extension for Outlook (OBEO). It may take several minutes to
download. See license requirements and prerequisites for additional details.
Details
First, download and install the software:
1. Close all programs.
2. Go to MyDesktop.
3. Click on Licenses > Manage & Download.
4. Find Microsoft Office 365 - English (U.S.) and click Download.
5. Follow the prompts.
6. Click Finish to complete the installation.
The file is downloaded
to c:\ProgramData\Oracle\MyDesktopHolding\licensed\global\microsoft\office\365\wi
n, where you can run it manually if needed.
Next, you must activate the software:
1. Open any O365 application, such as Word, Excel or PowerPoint.
2. At the Activate Office prompt, enter your Oracle email address.
3. Click Next.
If the prompt is not displayed, click Sign in to get the most out of office at the topright corner of the application.
Confidential – Oracle Internal
4. Click Sign in.
5. Log in with your Single Sign-On (SSO) credentials.
6. Click Sign In.
1.
2.
3.
4.
When you first launch Outlook:
Select the Beehive profile.
Check Set as default profile.
Click OK.
Log in with your SSO credentials.
To verify OraDocs is installed and working properly:
1. Open Word.
2. Click Open Other Documents.
3. Click Oracle Content on the file menu to display shared O365 documents.
Confidential – Oracle Internal
How to install Microsoft Office 365 (O365) on a Mac computer
Summary
For license details, prerequisites and the OraDocs requirement, see Microsoft Office 365
(MS O365) license requirements and prerequisites.
The O365 installer removes any previous installations of MS Office 2007/2010/2013/2016
products on your computer.
The installer file is approximately 1 GB and takes time to download as well as consumes
bandwidth across the network connection. The download runs in the background and will
not disrupt your work while it completes. This file is downloaded to Library\Application
Support\Oracle\MyDesktopHolding\licensed\global\microsoft\office, where you can run it
manually if needed.
Details
1. Close all open programs including Office apps, since the processes will interfere with
2.
3.
4.
5.
6.
7.
the installation.
Ensure MyDesktop client for Mac is installed. See Install MyDesktop for Mac.
Visit MyDesktop in a browser.
Click Licenses.
Click Manage & Download.
Find Microsoft Office 365 - English (U.S.) and click Download.
Follow the onscreen prompts to start the installation, accept the Terms & Conditions.
The previous installation of Microsoft Office is automatically removed if it exists.
Now you must activate O365:
1.
2.
3.
4.
5.
6.
7.
Open Finder.
Click Applications.
Double-click Microsoft Word.
Click New.
Choose a template.
On the Activate banner that displays, click Activate.
Click Next.
Confidential – Oracle Internal
8. Click Sign in.
9. In the box that appears, enter your Oracle email address.
10. Click Next.
11. On the Oracle Sign-in window, enter your Oracle email address and Single Sign-On
(SSO) password.
12. Click Sign In.
Next, to configure your Outlook, see Configure Outlook for macOS.
Finally, to verify OraDocs is installed and working properly:
1. Open Finder.
2. Click Application.
3.
4.
5.
6.
7.
8.
9.
Click Microsoft Word.
Select New.
Choose a template.
Add text to the template to create a document.
Click Save.
For Where to save the file, select Oracle Documents.
Click Save.
Confidential – Oracle Internal
How to configure Oracle email – Outlook OBEO
Summary
Oracle Beehive Extensions for Outlook (OBEO) allows management of personal e-mail,
calendar, tasks, address book using Microsoft Outlook.
Outlook OBEO can be used with the following operating systems: Microsoft Windows 10.
Supported Outlook versions with current version of OBEO: Outlook 2013, Outlook 2016,
O365.
Details
Guidelines for OBEO installation
Outlook Version
Outlook Bit
Architecture
Windows Bit
Architecture
Installation
Instructions
Office 365
Outlook
64-bit
64-bit OBEO Installer
Office 365
Outlook
32-bit
MyDesktop Download
Outlook 2016
Outlook 2013
64-bit
32-bit or 64-bit
64-bit OBEO Installer
Outlook 2016
Outlook 2013
32-bit
32-bit or 64-bit
MyDesktop Download
Steps to install OBEO
OBEO is automatically configured when installing MS Office from MyDesktop.
1. Check above table to which OBEO version is needed.
2. Install OBEO.
3. If prompted, supply this information:
• Server Name: stbeehive.oracle.com.
• Account Name: For example, [email protected].
• Password: Type SSO Password.
4. Login to Outlook.
Confidential – Oracle Internal
Steps to configure Outlook manually
1.
2.
3.
4.
Close Outlook.
Open Control Panel. See Open Windows Control Panel.
Click Mail (32-bit) > Show Profiles.
If there are no profiles listed or a new is required:
a. Click Add.
b. Profile Name: Type Beehive.
c. Click Ok.
d. Add Account: Check-mark Manual Setup or additional server types.
e. Click Next.
f. Check-mark Other.
g. Highlight Oracle Beehive Extensions for Outlook from the box.
5.
6.
7.
8.
9.
h. Click Next.
Enter details
• Server Name: stbeehive.oracle.com
• Account Name: Oracle Email address
Click Check Name button.
A pop-up window appears. Type SSO password.
Click Sign In button.
Once authentication is successful, Display Name and Email address fields are auto-
populated.
10. Click Next > OK on Restart Message > Finish.
Confidential – Oracle Internal
How to install and configure Mozilla Thunderbird on a
personally owned computer
Summary
The following steps are for users that have already been provisioned with an Oracle VPN
account.
Zimbra Webmail is accessible without VPN when 2FA has been set in OIM. See How to
enable two-factor authentication (2FA).
Details
•
•
Is Thunderbird already installed on a personally owned computer for personal email?
Simply configure a second profile.
If Thunderbird is not installed, then install and configure Thunderbird.
Install and Configure Thunderbird:
1. Login to MyDesktop. Connection to Oracle network (vpn) is required.
2. Click Download Software in the software section.
3.
4.
5.
6.
7.
Type Thunderbird in the Search all columns section.
Download Thunderbird and save the file.
Browse to saved file.
Double-click the exe file.
Click Yes on User account control prompt.
8. Click Next on Welcome to Mozilla Thunderbird setup wizard.
9. Setup Type:
a. Select Standard.
b. Thunderbird as your default mail application is selected by default (deselect if Thunderbird is not the default mail client).
c. Click on Next.
10. Click Install in the summary.
11. Click Finish.
12. Select Don't Import Anything in Import Settings and Mail Folders.
13. Click on Next.
Thunderbird launches automatically.
Confidential – Oracle Internal
14. De-select Always perform this check when starting Thunderbird.
15. Click on Skip Integration.
16. Mail Account Setup:
a. Enter your first and last name.
Example: John Doe
b. Enter your fully qualified Oracle email address.
Example: [email protected]
c. Enter your Single Sign-On (SSO) password.
d. De-select Remember password.
e. Click on Continue.
17. Thunderbird attempts to automatically configure mail account and if it fails, you should
configure as follows:
a. Incoming and Outgoing server settings:
• Select Normal password in authentication field.
This automatically selects SSL/TLS in next column.
• Select 993 and 465 in port field.
• Enter stbeehive.oracle.com in the server hostname field.
• Select IMAP and SMTP.
b. Username:
• Enter fully qualified Oracle email address in incoming field.
Example: [email protected]
• Outgoing automatically updates.
18. Click on Re-test.
Test results in:
Click on Re-test, verify and update settings if you get an error.
Click Done on confirmation message if you do not get any error.
Confidential – Oracle Internal
Configure Outlook for Beehive email on mac
Summary
•
•
•
Oracle Beehive Extension for Outlook (OBEO) is not available for macOS.
Outlook does not natively support CalDav protocol.
You must use Apple Calendar application to manage Oracle Beehive Calendar.
High Sierra and above requires Outlook version 15.35 or later.
Details
How to configure Outlook for Beehive email?
1.
2.
3.
4.
Open Outlook.
Click Tools in the Menu bar.
Select Accounts.
Click on Add Email Account.
Alternatively:
Select New Account.
Click Plus sign in the bottom left corner.
5. Enter your Oracle email address.
6. Click on Continue.
7. Enter your SSO Password.
8. Enter stbeehive.oracle.com in the incoming server field.
9. Select Use SSL to connect.
10. Enter 993 in the port field.
11. Enter stbeehive.oracle.com in the outgoing server field.
12. Select Use SSL to connect.
13. Enter 465 in the port field.
14. Click on Add Account.
15. Click on Done.
Microsoft Office version layouts might be different, and some fields might be
automatically prefilled.
You must not forget to check if fields contain data mentioned in instructions.
Confidential – Oracle Internal