Skip to content
By Industry

Learn about solutions tailored to your industry

Designed with safety, efficiency and compliance always top of mind, we’ve evolved over a decade with continuous improvements from customer feedback. Serving the healthcare, research and food service industries.

By Industry

  • Healthcare

    Learn about solutions for hospitals and clinics

    See solutions
  • Pharmacies

    Learn about our solutions for pharmacies

    See solutions
  • K-12 & Student Nutrition

    Learn about solutions for K-12 & Student Nutrition

    See solutions
  • Law Enforcement & Forensics

    Learn about solutions for Law Enforcement & Forensics

    See solutions

By Industry

  • Life Sciences

    Learn about our solutions for laboratories, universities and cryogenic storage

    See solutions
  • Food Safety

    Learn about our solutions for distribution, restaurants and cold storage

    See solutions
  • Grocery & Convenience Store

    Learn about solutions for Grocery & Convenience Stores

    See solutions
  • Warehouse & Cold Storage

    Learn about solutions for Warehouse & Cold Storage

    See solutions
Partners

We love to help others provide superior products and services to their customers.

From software integrations and hardware add-ons to referrals and resellers, Sonicu partners with global enterprise brands and boutique solution providers to serve your monitoring needs.

Contact us:
Phone: 317-468-2345

Partner Programs

  • Referrals

    Earn extra revenue by introducing Sonicu to your clients and partners

    See solutions
  • Reseller Program

    Increase revenue and add value by incorporating Sonicu technology into your offers

    See solutions
Resources

Learn

  • ROI Calculator

    See how much time and money you can save with Sonicu.

    Calculate ROI
  • Brochures

    Learn how we solve our customers' challenges by industry and monitoring type

    See brochures
  • Data Sheets

    Dig deeper into the technical specifications across our software and hardware

    See Data Sheets
About

Questions? Contact us.

Call 317.468.2345 to speak with one of our experts

Contact us

About Us

Sonicu was founded to help healthcare professionals create safer and more efficient facilities to drive better patient care. We’ve expanded to other industries focused on the same core values: safety and efficiency.

See our Story

Careers

Join a team building the future of safer and more efficient healthcare, research and food.

See job openings

Understanding SoniCloud Users, Groups, Permissions and SSO

 

 

 

SoniCloud Users, Groups, Permissions, and SSO

 

SoniCloud implements a fine-grained, flexible permission structure to ensure that users can only see what they need to see and access what they need to access. 

 

This ensures your SoniCloud system stays in a regulatory compliant setup with no upkeep. 

 

It’s important  to understand how this system is implemented as you consider the SoniCloud system.

SoniCloud Users

SoniCloud users have the ability to view one (or more) sites, depending upon the size of their organization and what their permissions include 

 

SoniCloud users login via their email address and are able to have site-specific:

 

  • Alarm Notification Methods: These determine how a user can be notified about an alarm. 
  • SoniCloud supports email, SoniCloud Mobile push notifications, SMS, and phone calls. 
  • Alarm notification methods are set up by Manager and Admin permission level users for other users without those permissions, ensuring tiered alarming across an organization
  • The only exception is SoniCloud Mobile push notifications:limitations of iOS and Android means each individual user must opt into push notifications when logging into the SoniCloud mobile app.

 

  • Alarm Escalation Settings: Escalation settings allow alarm escalation to occur in a flexible manner, ensuring that the right people get alarm notifications at the right time. 
  • For example, maybe facilities teammates should receive immediate alarms, while department management is notified if alarms haven’t been acted upon within 12 hours
  • This is how alarm escalation adds an extra layer of asset protection 
  • Alarm Repeating Settings: Ensure an alarm is never missed by enabling repeating alarm notifications
  • ll All alarms that haven’t been resolved or snoozed can continue to send alarm notifications to users.
  • Alarm Notification Schedule: Set up flexible notification schedules and only get notified outside of work hours 
  • Groups: Discussed below
  • Permission Level: Discussed below

 

Password Restrictions

SoniCloud provides the option for customers to use the following password restrictions:

    •   Password Requirement Options
      • Minimum Password Length
      • Password Reuse
      • Require 1 or More Upper-Case Letters
      • Require 1 or More Lower-Case Letters
      • Require 1 or More Numbers
      • Require 1 or More Symbols
      • Password Expiration
  • Account Lockout Options
    • Account Locking
    • Lockout Window
    • Lockout Duration
  • Login Statement

SoniCloud Groups

Each SoniCloud user can belong to one or more groups

 

These groups are assigned to a Zone, which gives users the ability to view points in that zone.

In the example above, there are two zones: 

 

    • Pharmacy Zone, consisting of 
      • Pharmacy Fridge Pharmacy Freezer 
      •  
    • Dietary Zone: consisting of
      • Dietary Fridge 
      • Dietary Freezer


    • There are also three groups: 
      • Facilities
      • Pharmacy Managers
      • Dietary Managers

     

    A user that belongs to the Pharmacy Managers group would only be able to see the points in the Pharmacy Zone

     

    A user that belongs to the Dietary Managers group would only be able to see the points in the Dietary Zone

     

    A User that belongs to the Facilities group, however, would be able to see both the Pharmacy Zone and the Dietary Zone

     

    This ensures each user only sees information relevant to them. 

     

    SoniCloud Permission Levels

    SoniCloud permission levels allow for fine-grained capabilities on a per-site basis. 

     

    If a user has access to multiple sites, they can have different permissions levels for each site – for instance, a user may need to have Admin permissions at a central location, but only View permissions at satellite locations. 

     

    Sonicu recommends limiting Manager and Admin permission levels to only critical teammates to ensure that changes aren’t made that unintentionally affect others in the system.

     

    • Basic**: User who has the capacity to view points, run reports, and view (but not take action on!) alarms.
    • View: User who can view points, run reports, and take action on alarms.
    • Manager**: View User permissions, plus the ability to edit View Users and control alarm notifications.
    • Admin: User who can manage alarms, reports, points, users, and general configuration of the site.

     

    • ** These permissions levels are not enabled by default – contact Sonicu Support to determine if these permissions levels would be a benefit to your organization

     

    SoniCloud Single Sign-On (SSO) Support

     

    SoniCloud offers Single Sign-On (SSO) support via the Security Markup Language (SAML), the industry standard for logging in users to multiple applications via a single authentication method. 

     

    SoniCloud leverages AWS Cognito as the SAML federation provider. 

     

    This allows a customer to pair with SoniCloud and leverage SAML and their internal Active Directory (AD) implementation to provide SSO for SoniCloud. 

     

    Sonicu recommends SSO be enabled for all customers, as this allows customer IT to enforce desired security settings, including 

    •  Multi-factor authentication
    • password complexity requirements
    • password rotation requirements

     

     

    Technical Setup Requirements

    Enabling SSO starts with an exchange of technical contact information between Sonicu and the customer. 

     

    The customer will be asked to provide the following information:

    • SAML2.0 Metadata file
    • Enable email address of the user to be sent via the `email` attribute
    • A list of domains that users will be registering with (ex. Any subsidiary domains)
    • Is IdP Signout flow (SLO) desired?

     

    Sonicu will provide the following information:

    • ACS URL
    • Entity ID
    • Signed Responses: Not required
    • Name ID format: persistent

     

    After this information is exchanged, a 30 minute meeting will be scheduled between Sonicu IT and customer IT to enable SSO and validate the SSO connection. 

     

    After this, all existing user accounts for the customer will be swapped to SSO.

     

    What else changes with SSO?

    • Sonicu technical support will no longer be able to send password reset emails – this must be done via the customer’s IT processes. 
    • Customers must ensure that all users who may need SoniCloud access are added to the correct AD groups prior to having the users log in. 
    • To leverage the SoniCloud Mobile app, users will be required to follow the SSO flow on their mobile devices. 
    • If a user decides to use a personal mobile device (PMD), they must abide by their IT policy on PMDs.

     

    Authentication vs Authorization

    SoniCloud’s SSO implementation is limited to authentication – that is, SSO is utilized to determine if a user has met the requirements to be logged in. 

     

    SoniCloud does not utilize SSO for authorization – that is, to determine which groups a user should be in (and, therefore, which points of monitoring they have access to). 

     

    User authorization will still be handled by the permission levels and groups described earlier in this document.