Release Date: April 6, 2023 Secure & Govern 18.4 Release
Issue Remediation - Improve Event-Based Remediation Workflow
The issue remediation workflow has been improved by introducing a new “In progress” status. Now when certain actions are taken on an existing “Open” issue, the issue will be moved from “Open” status to “In progress” status. Prior to the 18.4 release, “Deactivate User” and “Reset User Password” remediation actions would automatically resolve Unusual Access, Suspicious Login and Probable Ransomware issues which didn’t support the investigation process needed to properly resolve these event-based issues. The new workflow process now aligns and supports the required remediation steps by moving the issue from “Open” to “In progress” status. This allows Administrators to take the initial preventive actions (Deactivate User or Reset Password), complete the issue investigation process, take the necessary internal remediation steps and then close/resolve the issue.
The following issue actions will move a “Open” issue to “In progress”:
- Issue is delegated to a user
- Deactivate User Account
- Reset User Password
- Whitelist File Extension
- Restore Content
Issues can now be filtered using the following issue statuses:
As part of the feature rollout, we have also renamed the “Fix” button to “Remediate”
Suspicious Login - Expand Restricted Country Support
The restricted country support, for Suspicious Login rule, has been expanded to 250 countries and dependent territories. Administrators can now configure any country as a restricted country as well as be alerted when a user attempts to login from any of the restricted countries or dependent territories.
The full list of countries and territories can be found here: https://www.geonames.org/countries/
Increased Number of Draft Policies in Content Lifecycle
The number of Content Lifecycle policies that can be created in draft form has been increased from 5 to 10.
Last Accessed Information in Duplicate File Listing
In addition to creation date, a file’s last accessed date is now displayed when viewing files identified in a duplicate file remediation job.
Prevent Potential Ransomware from Being Archived
Users will now have the option to prevent files identified as potential ransomware from being archived. This option is available for both the policy-based and on-demand archival capabilities.
Protected Metadata Available for Custom Classification Policies
In addition to public metadata, users can now specify protected metadata as a criteria in custom content classification policies.