2021.4 Service Update

In this major security advancement in Workplace, and following the release of local encryption in our Workplace for Windows and Mac v10.3 release, the new Offline Access policy in the Workplace for Windows and Mac section of the Policy Profiles pages functions similarly to the existing policy by the same name. Please see Policy name change, below.

This is a significant product enhancement. It ensures that users cannot sync data and then put their device into airplane mode and enjoy complete access. With this policy enabled, after the number of days you set, access to files will be declined until the users connects to the Workplace service again - at which point the machine will lock down if you've set it to do so, thus providing a major enhancement to the security of your data stored on individuals devices.

We've expanded the public share Email validation required feature to allow you to restrict access to recipients with specified email addresses or email address domains. This option adds an another layer of specificity to our public share security features.

To use this new feature, create or edit a public share. Then, in the Security area, select the Email validation required check box. This will expand the area to display the new Restrict public share access by email address/domain option. Select the corresponding check box and enter the domains/email addresses to which you'd like to restrict initial access in the corresponding field. Separate entries with a comma. For domains, use the following syntax: *@domain.xxx

You'll notice that when this option is applied, the word (Restricted) appears in the setting summary in the top right of the Security area.

NOTE  This will restrict who can request an access link; it does not restrict access the link that is subsequently sent! If you're concerned about the security of the item you're sharing, we recommend that you also apply one or more of our other security-enhancing options to the public share. Security options include password protecting the link, setting the link to auto-expire after a period of time and/or after it's been accessed a certain number of times, applying a watermark to the item, and limiting access to "view only."

For more information, please refer to Managing project, folder, and file public shares.

When a team is in a disabled or deleted state, you can now quickly undelete or enable the team from a banner on the Create or edit a team page when it's in edit mode. Just click the button to complete the action, and remember to save your changes.

The policy formerly known as Account Validation has had a name change. It's now called Offline Access. There are no functional changes; we've simply changed the name for the sake of clarity.

In the interest of encouraging good security practices, we've changed the password operation available on the Edit a user page.

Previously, administrators were able to manually change users' passwords themselves. With this release, administrators can simply click the Send Password Reset Email button. Workplace then automatically sends a password reset email to the user, with instructions on how to complete the password reset process. This way, no one other than the user is ever in possession of their password.

The create date and modified date on all Workplace interfaces are now retrieved from the Workplace service, which ensures consistent date information regardless of which Workplace component you are using. Create Date fields and columns will display the date the file/folder was created in the Workplace service. Modify Date fields and columns will display the last time the file was changed or the the last time the contents of a folder were modified.

We've updated our CSV import utility. It now allows you to import users with no storage allocated to them. For more information about this feature, please refer to Import users.

When online editing was enabled and saved on the Set Team Defaults in Workplace Manager, the setting did not carry over to the Integrations page in Workplace when a new team was created. This issue has been fixed and new teams now carry all default settings and values.

We've resolved a few small SSO-related issues in our ongoing efforts to enhance the robustness of our single sign-on implementation.

As we continue to polish our presentation layer, we've addressed some minor IU issues:

• The Online Editing policy, as well as the MS Office 365 and Google integrations still displayed on the member/connection/group Policy Profiles tab despite having moved to the Integrations page in a previous release.

• On the Policy Defaults page, the default team plan type for a metered Workplace partner was displayed as Unlimited. This was a cosmetic issue only and did not affect the partner's client teams.

• We've tightened up field layouts and alignments, as well as the appearance and phrasing of instructional text, on the Create or edit a team page.

• Improved error handling/alerts on the Create or edit a team when in edit mode.

When the Email validation required public share security feature was used, the appropriate custom branding did not display on email validation notifications and interfaces. These items now properly display custom branding if it has been configured for the site.

Uploading a file to a project or project folder using the Email to Project feature should always be successful if the email is sent. In a reported case, this process intermittently failed. The issue has been resolved and the feature once again works as designed.

We've implemented changes to support some scenarios in which the number of licenses and/or storage amounts displayed inaccurately in workplace Manager.

This critical bug fix corrects an issue that prevented users from creates public shares via Workplace Mobile 4.0 . Creation of public shares using this component now functions as expected.

When saving notification recipients for alerts on the Configure security features page, Workplace Manager users added to the recipient list were not retained. The issue has been resolved.

Sadly, our animated intro was not dependably displayed. The issue's been resolved and you'll now see it when appropriate.