Egnyte is committed to providing a robust issue remediation process within Secure & Govern. We have a multi-phased initiative planned to revamp and improve our existing issue remediation workflow. The changes will include frontend UI updates as well as backend workflow changes for improved issue remediation and processing.
What Can Users Expect to See and When?
The first changes will start showing up in the Secure & Govern UI on September 8, 2022. Following the initial release, users should expect to see additional updates on roughly a monthly basis. The goal is to have the issue remediation improvement initiative completed by the end of 2022.
What Can Users Expect to See on September 8, 2022?
The initial changes will involve UI changes within the Secure & Govern Issues View. No backend workflow changes will be completed as part of this release.
Changes Impacting All Issue Types
We are changing the ‘Ignored’ status to ‘Dismissed’ to be more accurate. You will see this in the filters on the left side of the Issues tab.
Changes Impacting State-Based Issue Types
For Public Link, External Sharing, Open Access, Individual Permissions, Malformed Permissions, Empty Group, and Unused Group issues, you will see the ‘Ignore’ button has been replaced by a ‘Dismiss’ button. The ‘Dismiss’ action will have the same effect as the previous ‘Ignore’ action: the dismissed issues will be viewable by selecting ‘Dismissed’ status in the filter on the left side of the issues tab and can be re-opened by clicking the ‘Reopen’ button.
Changes Impacting Event-Based Issue Types
For Ransomware, Unusual Access, and Suspicious Login issues, you will see the ‘Ignore’ button has been replaced by a ‘Close’ button.
For Ransomware, Unusual Access, and Suspicious Login issues, the options under the ‘Fix’ and ‘Close’ button have changed. Under ‘Fix’ you will still be able to choose to ‘Deactivate User Account’ or ‘Reset User Password’, but now users will also see any other actions previously available under the ‘Ignore’ button under the ‘Fix’ button. For example, ‘Whitelist File Extension’ for Ransomware issues.
Current
Future
Under ‘Close’ you will be able to choose to ‘Dismiss the Occurrence’ or ‘Mark as Resolved’.
Current
Future
Milestone 1 - Completed
Egnyte Secure & Govern now enforces entering a “reason” when dismissing all issue types and remediation actions such “Add User Exception”. The “reason” will help enhance issue auditing as well as provide a feedback loop to Egnyte for ML model improvements. ML feedback will be crucial to improving detection accuracy and reducing false positive detections
Support Remediation “Reason”
- Select “Dismiss” or “Dismiss this Occurrence” . The dismiss issue modal appears
- Select Reason: “Expected Behavior” or “Other”
“Expected Behavior” should be selected for false positive detections
- Enter comments
- Select “Dismiss” to dismiss the issue. The issue is dismissed
For now, these event-based issues will not be visible when checking ‘Dismissed’ in the left-hand pane. Making these issues visible in this way is part of the changes to be rolled out in the coming months.
Key Milestones and Target Completion Dates
|
Milestone |
Target Completion |
Status |
|
Milestone 1: Enforce "Reason" when “Dismissing” issues to improve audit and provide ML feedback |
December 2022 |
Completed |
|
Milestone 2: Support “Dismiss” backend process flow for event-based issues
|
Q4 2022 |
January 2023 |
|
Milestone 3: Change ‘Fix” to ‘Remediate’ |
Q1 2023 |
TBD |
|
Milestone 4: Improve backend processing of Probable Ransomware issues |
Q1 2023 |
TBD |
|
Milestone 5: Improve issue updates by providing issue update reasons |
Q1 2023 |
TBD |
|
Milestone 6: Automatically assign user during issue remediation’ |
Q1 2023 |
TBD |