- Last updated
- Save as PDF
Q. Are secured actions needed for users to access Engage?
No, a user is only required to have an active user account to Serraview, regardless of their security role
Q. How do I see the Cover Page after I have logged in?
The Cover Page only displays the first time a user logs into an instance. If you want to see it again, you will need to reset the Engage app data or re-install the Engage app.
For Android devices you can clear the data and for Apple devices you will need to re-install the app. For more details, refer to your device's documentation.
Q. How do I set a default building?
When Engage loads the app will display the floor the user is assigned to. If the user does not have an assigned floor then they will be prompted with the Locator Selector screen.
When a user returns to the Engage app, it will remember the last floor the user had seen.
Q. Can a System Administrator delete a meeting room reservation?
Meeting room reservations do not display in Serraview's VBS. The meeting room reservations will display in the user’s calendar.
Q. If an employee is no longer employed and their details are removed on our side, however they remain as an archived candidate in Serraview, do they still have access to Engage?
Access to Engage relies on an active user account, including SSO. When a user is authenticated in Engage, they have an active token for 6 months, or until their Serraview account is removed.
Therefore, if an employee is no longer employed at your workplace, and they are an archive candidate in Serraview with an active user account, they will still be able to access Engage. We highly recommend that the Serraview's People Directory is updated daily, and archive candidates are managed regularly. When a person row is archived, their user account is archived along with it, and access to Serraview has been revoked.
For more details, refer to Archive Candidates and People Directory.
Reservations and Check-in FAQs
Q. If a person doesn’t check-in during the grace period? What happens to the desk?
We record that the person didn’t check-in to the desk. This lets the Corporate Real Estate teams understand the employee behavior and then adjust their strategy to encourage behavioral change. Refer to Daily Desk Booking History Dashboard.
Q. If a person makes a reservation on the same day do they need to check-in?
When you make a desk reservation on the same day, you will be checked-in automatically.
Q. Is the all day desk reservation check in start time based on time zone?
Yes, the desk reservation is based on the location of the desk. For example, if the person wants to reserve a desk in the NYC office at 9:00am then we make the reservation in the NYC time and not the person’s local time. Refer to Set up the Desk Reservation & Check-in Times.
Q. How does Engage know what time zone the building is in?
The time zone is calculated form the buildings latitude and longitude. These values are found in Buildings and Floors.
Q. When there are existing bookings and the System Administrator changes the either the Booking Access setting or the Reserving Enabled check box. What happens to the exiting bookings?
Any existing booking will remain and any new reservation will use the saved configuration. Refer to Set up Desk Reservation Permissions.
Corporate Data, Transit, and at Rest
Engage was built with security in mind and as such, all data is encrypted both in transit and at rest. We intentionally limit any data we store on the device and ensure it is not PII or sensitive in nature. This data being:
- Instance ID – <clientID>.serraview.com so employees don’t have to enter it every time.
- Serraview Floor ID – to remember the users last location.
- Concierge menu items – titles, descriptions and background images are cached to improve performance.
- Auth and refresh tokens – these tokens are stored the first time a user authenticates using SSO so do not have to enter their full SSO credentials every time they open the app. The tokens are stored in the device’s keychain for both iOS and Android.
All other data is retrieved from our APIs as needed and is not stored on the device itself.
Q. How is data transferred from the Engage Mobile App to the Serraview Cloud?
Data is transferred between Engage and Serraview using an encrypted HTTPS connection.
Q. How do users authenticate? Do you support SSO?
Engage supports multiple ways to authenticate:
- Localized authentication (i.e., based on a capability within Serraview)
Deactivation of an Engage user happens automatically when the user is archived in Serraview.
Q. Does Engage save credentials on the device? If so, for how long & how do you secure them?
When a user has successfully authenticated into Engage, an authentication token is encrypted and stored on the devices key-chain. The authentication token has an expiry of 6 months which is considered industry best practice. A user will be able to authenticate until the token expires or the user is achieved. Refer to the diagram on how SSO works.
Note that when a user is archived in Serraview they are no longer able to authenticate to Engage.
In addition to the above, our clients can opt-in to a feature that forces all employees to set a 6 digit pin. This pin is required to re-authenticate once every two hours. Entering an incorrect pin 5 times will cause the authentication token to be deleted and the user will be re-directed back to the SSO login screen. For information on set up, refer to Set up Authentication so Employees Regularly Login.
Q. Is data cached on the device? If so, how is it encrypted?
Engage stores no sensitive information, and any data that Engage does store is locked down in the app data store.
Q. What data does Engage store on the Employee's device?
Engage goes to great lengths to ensure no Personally Identifiable Information (PII) is stored on the device at rest. To ensure a positive experience for our users, Engage locally stores:
- Client Instance ID - So we can load the correct environment without prompting the user.
- Last floor ID accessed - Engage will load the last floor the user was viewing.
- Authentication token - To make it simple for an employee to log in to the app. It is encrypted and stored within the devices key-chain.
- Concierge menu items - The text and images for the concierge menu are stored locally to improve its performance.
Q. What Usage Analytics is available?
We plan to implement Google Analytics to allow aggregating the behavior of users.
Q. What is your SLA for Engage?
Our SLA for Engage uptime is 99%, but that number does NOT account for:
- Availability of real-time data (such as SVLive)
- Real-time connections to third-party systems (such as Microsoft Engage and Google Calendar)
Q. Has Engage been Penetration Tested?
Yes, Engage has independent Penetration testing conducted on the app and the APIs it uses. In addition, we run Vericode scans on a regular basis.
Q. How do you support disaster recovery?
Yes, Engage inherits the well-established disaster recovery capabilities of Serraview. For more information, see Serraview System Data Protection.
Q. How do I whitelist the Serraview domain within the Safe Links policy?
If your business is using the Office 365 Outlook Safelinks Protection this will check for incoming links within emails for malicious URLs. You will need your Microsoft Office365 Administrator to complete the following:
- In your browser, log into https://protection.office.com/safelinksconverged with Office365 admin credentials.
- Under the "Policies that apply to specific recipients" section, edit the appropriate Safe links policy defined.
- Click on settings.
- Under the "Do not rewrite the following URLs:" section add the following:
5. Save your changes.