Link for Safes & Key Cabinets

Installation Guide

Table of Contents

Getting Started

Activating the Safe

Device Alarm Set Up

Adding a User

Access Methods

      Adding a Card to User
      Adding a User ID to User
      Adding a PIN to User

Group Management

Mobile Authenticator Setup

Forgot Password

Appendix A: ACM Sync

Statutory Declarations of Conformity

Getting Started

Below are step-by-step instructions to activate your safe/key cabinet.

Ensure your Link account has been created.

Upon purchasing a hardware, an email was sent to you that included a username, password and subdomain that you will need to gain access to the Console.

Search ‘BioConnect Link’ in your inbox for your credentials.

 

Types of Safes/Key Cabinets

There are two types of configurations for your safe/key cabinet. One comes with the Swing Lock (enables card and mobile), and the other uses a PIN pad/card reader (enables card, PIN, and mobile). See below for what this looks like.

ICT Reader

Card, PIN and Mobile

KS200 Lock

Card and Mobile

Activating the Safe / Key Cabinet

Overview

For this step, a laptop or smartphone, the Medixsafe hardware and an ethernet connection with internet access is required. The Link device will be activated by adding it to the BioConnect Link Console.

 

Power the Safe / Key Cabinet

You can power the device using either PoE (recommended) or 12VDC.

Adding a Link to Your Account

1. On a desktop or mobile device, open a browser and navigate to the BioConnect Link Console.

2. Enter login information.

Tip: Login information can be found in the email that was sent immediately after purchasing the device. Search ‘BioConnect Link’ in your inbox to locate this.
3. Navigate to the ‘Device Management’ page.
4. Select ‘Add Device’.

5. Enter the 12 digit key located beside the QR code sticker on your hardware and then click ‘Continue’.

6. Select ‘Safe or Key Cabinet’.

7. Give a descriptive name for this safe/key cabinet.

8. Select your safe/key cabinet authentication settings.

Note: If you have a Swing lock, you must select ‘Card Only’ as this is the configuration available for this device.

9. Once added, enable the device.

    Device Alarm Set Up (Optional)

    Overview

    For key cabinets and safes, it is particularly valuable to configure an alarm that sounds when a door is held open for a certain length of time.
    This is a global setting and will be configured across all of your cabinet devices (‘Door’ devices will not be affected).

    1. Navigate to ‘Settings’ page.

    2. Select ‘Device Alarm’ tab.

    3. Choose the desired length of time and select ‘Update’.

    Note: The default value is set to 1 minute.

    Tip: To disable the alarm, set the alarm to 0 minutes.

    Adding a User

    Overview

    To add users into the Link Console, you can either automatically sync them via the ACM Sync feature, or you can manually add users. To add users automatically using ACM Sync, skip to Appendix A ‘ACM Sync‘ section below.

     

    Adding Users Manually

    If you choose to not use the ACM Sync, you can manually add your users to the Link Console.

    1. In the BioConnect Console, navigate to the ‘Users’ page.
    2. Select ‘Add User’.

    3. Enter your user’s information: first name, last name, and username. Do not select ‘Add User’ yet.

    4. If you are ready to add your card to this user, have the card scanned at an active Medixsafe safe/key cabinet.

    Tip: If you want to add the user’s cards at a later time, see User Management below to learn how to add a card to an existing user.
    5. After the user’s card has been scanned, select the ‘Add Card’ checkbox and click ‘Add User’.
    6. After the card has been added, check to ensure it has been successfully added by looking at the ‘Total Cards’ column.

    Access Methods

    After your MedixSafe safe key/cabinet has been installed, your software has been configured and your users have been added, you can now manage your users and credentials.

    Adding a Card to a User

    1. Have your user scan their card at the safe.

    2. Navigate to the BioConnect Console ‘Users’ page and select the user

    3. Select ‘Manage’ and then select ‘Add Card’

    4. The system will search for the most recent transactions, where you will see the transaction from your user’s card. Once you’ve located the correct transaction, select ‘Add Card’.

    Tip: There are a few ways to ensure you are selecting the correct transaction:

    • Review the time stamp of the transaction to ensure it matches with the card was scanned. The most recent transactions appear at the top.
    • Review the door details – if you know the door that the card was tapped at, you can verify it in those columns.

    Adding a User ID to a User

    1. Similar to adding a card, enter a User Id and press ‘Enter’.

    2. Navigate to the BioConnect Console ‘Users’ page and select the User you would like to add this User ID to.

    3. Select ‘Manage’ and then select ‘Add Card’

    The system will search for the most recent transactions, where you will see the User ID appear as an unknown card.

    4. Confirm the time is the same time as when the User D was entered, and select ‘Add Card’.

    Adding a PIN to a User

    1. User enters their User ID at the safe and presses ‘Enter‘.

    Safe will beep 3 times. This means it is ready for a PIN enrollment.

    2. User enters the PIN once and presses ‘Enter‘.

    Safe will beep.

    3. User enters the PIN for. asecond time and presses ‘Enter‘.

    Safe unlocks.

    Group Management

    After your users have been added to the system, you can now create groups to manage alerts and notifications for specific users and devices. Groups allow you to select a group of users that can access specific devices.

     

    How to Create a User Group

    1. In the Link Console, navigate to the Group Management tab and select ‘Add Group‘.
    2. Enter the fields required: Group name, Description, and the desired users to receive alerts for this particular group – and then click ‘Continue‘ to proceed.
    3. Select the desired users to be added to this group and then select ‘Continue.
    4. Select the desired devices to be added to this group and then select ‘Continue.
    5. Review the group details and select ‘Add Group‘.
    After the group has been added, it will now appear on the group management screen.

    Mobile Authenticator Set Up (Optional)

    Overview

    Your MedixSafe solution comes with an option to provide an additional level of security using a mobile device as a step-up authenticator or you can integrate an existing mobile authenticator if your organization uses one today. You are also free to not activate this optional feature and use the Card / PIN options. 

    1. In your browser, navigate to the BioConnect Link Console and login using your credentials.

    2. Navigate to the ‘Settings’ page.
    3. Select your authenticator and enter the required credentials to activate your authenticator.
    Note: If you do not currently use an authenticator, select the ‘BioConnect’ authenticator.

    4. If you choose to use the BioConnect Mobile Authenticator, you have the option of using either a ‘Simple Yes/No’ Authentication or Biometric Authentication.

    Configuring a Two Factor Authentication Schedule (Optional)

    If you have set up a mobile authenticator, you can set a schedule for when two-factor authentication is enabled. Customers often use this feature as an extra level of security during non-business hour access.

    1. In the BioConnect Console, navigate to the ‘Schedule’ page.
    2. Select ‘Set Schedule’.
    3. Enter the start date and end date that you wish to enforce step-ups.

    4. Enter the start time and end time that you wish to enforce step-ups.

    5. Select ‘Set Schedule’ to save your schedule.

    Note: Your schedule will appear at the top of the screen, review this to ensure you have properly set your desired schedule.
    Important: Users have NOT yet been added to the schedule – meaning, they will not receive step-ups until you enable them. (See below to enable users)

     

    How to Enable Mobile Step Up for Users

    1. Choose the users you wish to enable step up for by selecting the check box beside their name.
    Tip: To enable users in bulk, select the top checkbox located beside ‘Name’ in the header column (as shown in the image below). This will select all users on this screen. If there are multiple pages, this must be replicated for each page.
    2. Once you’ve highlighted your user(s), click on the ‘Manage’ button and select ‘Enable 2FA’ from the drop-down list.

    Verifying Step Up is Enabled

    Once your device has been installed, software configured, and your users and cards have been added, you can test to ensure your step up is working.

    1. In the BioConnect Link Console ‘Users’ page and select a user to test.

    2. Press the ‘Manage’ button and select ‘Send Test Request‘ from the drop down list.

    3. If the test user receives their step-up notification to their device, step-up has been successfully enabled.

    Tip: The selected user must have step-up enabled cards.

    Forgot Password

    How to reset your password

    If you’ve forgotten your password, you can access your account by resetting it. 

     

    1. On the Link Console login screen, select ‘Forgot Password‘.

    2. Complete the form by entering your subdomain and username, then select ‘Reset Password‘.
    3. Open the email and select the ‘Reset Password‘ button. This will open up a browser where you can now enter a new password.

    Appendix A:

     

    Adding Users using ACM Sync (Optional)

    The ACM Sync will automatically and securely pull users details, encrypted card details, and 3rd party IDs (second-factor authentication credentials). Card details and 3rd party IDs are required to enable two-factor authentication within Link.

     

    Requirements

    Before you begin, ensure you have all of the following available:

    • Link Account Login Credentials
    • ACM Server Credentials
    • Knowledge of your ACM, such as where your ACM stores 3rd party IDs (eg. Active Directory credentials).

     

    To use ACM Sync, Contact Us for the Install File.

     

    Installing the ACM Sync

    1. Run the ACM Sync installer and follow the on screen prompts.

    Important: Ensure to install on a network that can access your ACM server.

    2. Review the terms and conditions and choose a download location.

    3. Enter credentials and then test the connection to the Link Cloud by selecting ‘Test API‘.

    4. Choose the account under which the ACM Sync service will run.

    5. Select your ACM and provide credentials to connect to your ACM.

    6. Select where the 3rd Party ID is stored and click ‘Install‘.

    7. Once the installation is complete, the ACM Sync will begin to automatically sync users every 5 minutes. To ensure the installation was successful, confirm that users have been added to the Link Console ‘User Management‘ page.

    Note: A first time sync may take more time depending on the size of your database.