Support Contact
Why Sharetru?
Platform
Features
Compliance
Industry
Pricing
Resources
Start Free Trial
    Start Free Trial
      March 7, 2019

      Review of Software Updates and New Features from 2018

      Written by: Martin Horan

      Our team has made a ton of product updates over the last year, so it's easy to miss a few. Here are some highlights of what was rolled out and updated so you can keep sharing files with confidence!

      MULTI-FACTOR AUTHENTICATION (MFA)

      1/3/2018 NEW FEATURE

      Multi-factor Authentication via One-Time Passcodes (OTP) is available on Compliant Enterprise plans or above. This applies only to logins via web browser, as there is no method in the FTP or SFTP protocols to prompt for a secondary password.

      OTP is turned on for the site under Settings / Authentication / Multi-Factor (OTP). Two methods of OTP delivery can be implemented by the administrator – Email or SMS. SMS (text message) is considered a more secure OTP delivery method. Email is considered the least secure.

      Once OTP is enabled, and the delivery methods chosen, OTP is toggled on as required on for an individual user under Users / <specific User> / Authentication.

      5/1/2018 ENHANCEMENTS

      The method of providing the user a six-digit one-time passcode now includes Timed OTP mobile apps such as Google Authenticator. This more secure than delivering a code via email or text message, because TOTP codes automatically change every 30 seconds.

      OTP is turned on for the site under Settings / Authentication / Multi-Factor (OTP). Up to three methods of OTP delivery can be implemented by the administrator – Email, SMS or TOTP app. TOTP app (added 5/1/2018) is considered the most secure, as it requires a mobile app such as Google Authenticator, Microsoft Authenticator, Duo or other compatible TOTP apps. TOTP apps change a synchronized 6-digit code every 30 seconds. SMS (text message) is considered the next most secure OTP delivery method. Email is considered the least secure.

      Once OTP is enabled, and the delivery methods chosen, OTP is toggled on as required on for an individual user under Users / <specific User> / Authentication. If TOTP is the delivery method for the user, they will be required to setup and configure their mobile app the next time they log in.

      otp-admin

       

      otp-setup

       

      FILES - CONTENT (DIRECTORY LISTINGS)

      1/9/2018 ENHANCEMENT

      The Files / Content screen has new column at the far right that will show for workspace folders.  The number indicates the number of users that have a home directory somewhere in the path of the workspace.  Thus, the Home icon at the top of the column.

      For example, the site root shows a workspace ‘Sales’ with the number 10 in the last column. This indicates that there are 10 users with a home directory somewhere in ‘Sales” (or below). When drilling down into the ‘Sales’ workspace there are two nested workspaces, ‘East’ (showing 6) and ‘West’ (showing 4). This indicates that there are 6 users with a home directory in ‘East’ (or below) and 4 users with a home directory in ‘West’ (or below).

       

      files-content

       

      INFINISHARE (FILE SHARING)

      5/11/2018 ENHANCEMENTS

      Link Options Overrides:

      Previously, the user creating a link could either override all link options or none. The Administrator option on the Settings / File Sharing screen to allow end-user overrides has been split into one override setting for each of the options fields.

      New Link Options:

      • Notify users when link is used:
        • Return email receipts can now be triggered back to the user when one of their InfiniShare links is used by the third-party recipient.
      • Require password with link:
        • File sharing links can now have passwords. The use of passwords can be required my administrators.
        • Passwords on InfiniShare links will be randomly generated during link creation. The password can be changed by the user creating the link but must follow the site’s Password Strength requirements.
        • When a link recipient clicks the link, if a password is required, an email address field is also required (address not validated). This will result in a log of the link usage to include both the recipient’s IP address and their email address.

      Link Creation Screen:

      When a user is creating a file sharing (InfiniShare) link to send to a third party, the InfiniShare Options have been combined with the InfiniShare link creation dialog on a single screen.

      07/26/2018 ENHANCEMENT

      Users may now be individually allowed or disallowed to use InfiniShare. This is handled with a toggle on the user’s Edit screen. The Settings / Web App / File Sharing page also now has two buttons for toggling the InfiniShare role on all existing users on or off.

       

      infinishare-admin

       

       

       

       

       

       

       

       

       

      infinishare-creation

      infinishare-user

       

      INACTIVE USER SUSPENSION

      06/11/2018 NEW FEATURE

      Certain security frameworks such as HITRUST require that users who have no logged in recently be automatically suspended.

      This new feature is managed on the Settings / Authentication / Inactive Users screen.  The toggle must be enabled for the daily process to take effect.  The users will be suspended after the configured number of days of inactivity (i.e. no login). For a user that has never accessed the site, the user's create date will be used as the last activity date. 

      The user auto-suspension process runs daily at 12:02AM Eastern.  A list of users that are auto-suspended due to inactivity will be emailed to site admins and appropriate team leads. Suspended users will show a red suspended user icon, just like when they are manually suspended. The suspend date visible on the user’s Authentication tab will indicate the date of the suspension.  The user can be unsuspended on that screen.

      Note that this feature should not be confused with Password Expiration. A suspended user cannot login, even with a valid password. Nor can they ask for their own Forgotten Password reset. Suspended users must be manually un-suspended by an administrator.

       

      inactive-admin

       

      ACTIVITY

      3/22/2018 ENHANCEMENT

      The following reports were modified to run significantly faster, especially on customer sites with a lot of activity:

      • Transfers report.
      • Deleted Files report.
      • Dashboard mini-reports of most recent activity.

      10/1/2018 NEW FEATURES

      On 10/1/2018, the following new reports were added to Activity / Reports:

      • Users report 
        • Report shows a list of users and pertinent data such as site usage (storage) and last login date.
        • Report can be exported to CSV.
        • Report can be sorted on screen or after export.
      • Access report 
        • Report shows all users and shows what permissions they have in each folder.
        • Report can be exported to CSV.
        • Report can be sorted on screen or after export

       

       

       

       

       

       

      users-report

      access-report

       
      Tag(s): Product Update

      Martin Horan

      Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

      Other posts you might be interested in

      View All Posts
      File Sharing Best Practices

      Understanding One-Time Password (OTP) Authentication Options

      Over the last few weeks, we have focused on authentication progressing through... Read More
      File Sharing Best Practices

      Understanding Multi-Factor Authentication 101: Key Insights

      In the IT industry there are many words used when discussing the topic of... Read More
      File Sharing Best Practices

      One-Time Password (OTP) Authentication Methods – HOTP + TOTP

      The evolution of multi-factor authentication (MFA) is like that from the... Read More