x Close

Take a Tour
Martin Horan

By: Martin Horan on March 7th, 2019

Print/Save as PDF

Review of Software Updates and New Features from 2018

Announcements Latest Features

Our team has made a ton of product updates over the last year, so it's easy to miss a few. Here are some highlights of what was rolled out and updated so you can keep sharing files with confidence!

MULTI-FACTOR AUTHENTICATION (MFA)

1/3/2018 NEW FEATURE

Multi-factor Authentication via One-Time Passcodes (OTP) is available on Compliant Enterprise plans or above. This applies only to logins via web browser, as there is no method in the FTP or SFTP protocols to prompt for a secondary password.

OTP is turned on for the site under Settings / Authentication / Multi-Factor (OTP). Two methods of OTP delivery can be implemented by the administrator – Email or SMS. SMS (text message) is considered a more secure OTP delivery method. Email is considered the least secure.

Once OTP is enabled, and the delivery methods chosen, OTP is toggled on as required on for an individual user under Users / <specific User> / Authentication.

5/1/2018 ENHANCEMENTS

The method of providing the user a six-digit one-time passcode now includes Timed OTP mobile apps such as Google Authenticator. This more secure than delivering a code via email or text message, because TOTP codes automatically change every 30 seconds.

OTP is turned on for the site under Settings / Authentication / Multi-Factor (OTP). Up to three methods of OTP delivery can be implemented by the administrator – Email, SMS or TOTP app. TOTP app (added 5/1/2018) is considered the most secure, as it requires a mobile app such as Google Authenticator, Microsoft Authenticator, Duo or other compatible TOTP apps. TOTP apps change a synchronized 6-digit code every 30 seconds. SMS (text message) is considered the next most secure OTP delivery method. Email is considered the least secure.

Once OTP is enabled, and the delivery methods chosen, OTP is toggled on as required on for an individual user under Users / <specific User> / Authentication. If TOTP is the delivery method for the user, they will be required to setup and configure their mobile app the next time they log in.

otp-admin

 

otp-setup

 

FILES - CONTENT (DIRECTORY LISTINGS)

1/9/2018 ENHANCEMENT

The Files / Content screen has new column at the far right that will show for workspace folders.  The number indicates the number of users that have a home directory somewhere in the path of the workspace.  Thus, the Home icon at the top of the column.

For example, the site root shows a workspace ‘Sales’ with the number 10 in the last column. This indicates that there are 10 users with a home directory somewhere in ‘Sales” (or below). When drilling down into the ‘Sales’ workspace there are two nested workspaces, ‘East’ (showing 6) and ‘West’ (showing 4). This indicates that there are 6 users with a home directory in ‘East’ (or below) and 4 users with a home directory in ‘West’ (or below).

 

files-content

INFINISHARE (FILE SHARING)

5/11/2018 ENHANCEMENTS

Link Options Overrides:

Previously, the user creating a link could either override all link options or none. The Administrator option on the Settings / File Sharing screen to allow end-user overrides has been split into one override setting for each of the options fields.

New Link Options:

  • Notify users when link is used:
    • Return email receipts can now be triggered back to the user when one of their InfiniShare links is used by the third-party recipient.
  • Require password with link:
    • File sharing links can now have passwords. The use of passwords can be required my administrators.
    • Passwords on InfiniShare links will be randomly generated during link creation. The password can be changed by the user creating the link but must follow the site’s Password Strength requirements.
    • When a link recipient clicks the link, if a password is required, an email address field is also required (address not validated). This will result in a log of the link usage to include both the recipient’s IP address and their email address.

Link Creation Screen:

When a user is creating a file sharing (InfiniShare) link to send to a third party, the InfiniShare Options have been combined with the InfiniShare link creation dialog on a single screen.

07/26/2018 ENHANCEMENT

Users may now be individually allowed or disallowed to use InfiniShare. This is handled with a toggle on the user’s Edit screen. The Settings / Web App / File Sharing page also now has two buttons for toggling the InfiniShare role on all existing users on or off.

 

infinishare-admin

 

 

 

 

 

 

 

 

 

infinishare-creation

infinishare-user

INACTIVE USER SUSPENSION

06/11/2018 NEW FEATURE

Certain security frameworks such as HITRUST require that users who have no logged in recently be automatically suspended.

This new feature is managed on the Settings / Authentication / Inactive Users screen.  The toggle must be enabled for the daily process to take effect.  The users will be suspended after the configured number of days of inactivity (i.e. no login). For a user that has never accessed the site, the user's create date will be used as the last activity date. 

The user auto-suspension process runs daily at 12:02AM Eastern.  A list of users that are auto-suspended due to inactivity will be emailed to site admins and appropriate team leads. Suspended users will show a red suspended user icon, just like when they are manually suspended. The suspend date visible on the user’s Authentication tab will indicate the date of the suspension.  The user can be unsuspended on that screen.

Note that this feature should not be confused with Password Expiration. A suspended user cannot login, even with a valid password. Nor can they ask for their own Forgotten Password reset. Suspended users must be manually un-suspended by an administrator.

 

inactive-admin

ACTIVITY

3/22/2018 ENHANCEMENT

The following reports were modified to run significantly faster, especially on customer sites with a lot of activity:

  • Transfers report.
  • Deleted Files report.
  • Dashboard mini-reports of most recent activity.

10/1/2018 NEW FEATURES

On 10/1/2018, the following new reports were added to Activity / Reports:

  • Users report 
    • Report shows a list of users and pertinent data such as site usage (storage) and last login date.
    • Report can be exported to CSV.
    • Report can be sorted on screen or after export.
  • Access report 
    • Report shows all users and shows what permissions they have in each folder.
    • Report can be exported to CSV.
    • Report can be sorted on screen or after export

 

 

 

 

 

 

users-report

access-report

About Martin Horan

Founder of FTP Today and an expert in secure file transfer and Internet protocols. A software and IT geek since a young age, Martin has successfully led his companies through the digital age by spotting market niches and filling them with quality IT services.

Related Articles