Description


Product Updates for September


Please note that some of these features are being enabled gradually.


Updates:


Avanan:

Enhanced DLP Policy using Microsoft Purview Sensitivity Labels

  • DLP Workflows can now be triggered based on Microsoft Purview Sensitivity Labels.
  • Avanan now allows administrators to define a DLP policy based not only on out of the box Check Point data types or custom data types, but also based on the Microsoft Sensitivity Labels that are attached to the email/attachment/shared file/message.
  • To enable this: Create/edit a DLP policy of any integrated Microsoft application, select Inline mode and under the DLP Criteria section, select Microsoft sensitivity labels and choose between:
  1. Any label
  2. Specific labels
  3. All labels except
  4. Without labels


Enhanced Authentication Options for the End User Quarantine Portal

  • Users can now log into the End User Quarantine Portal via Microsoft.
  • Using the End User Quarantine Portal, end users can look online for their quarantined emails and request for them to be restored at any time.
  • To allow your end users to log into their Quarantine Portal via Microsoft, first log into the portal via Microsoft with a Microsoft admin, and in the window that opens, authorize your entire organization.
  • To enable: Security Settings > User Interactions > Quarantine > Email Security Portal for End Users
  • What it will look like:


Microsoft 365 Footprint Change to Support our Fast Growth

  • A Check Point connector will be modified in your Microsoft 365 environment as part of a backend infrastructure upgrade.
  • A minor change has been made to a setting in a Connector added by Avanan during the initial deployment.
  • Over the next 3 weeks you will see the following change in your Microsoft 365 environment:
    • Under the Avanan Connector (Avanan Journaling Outbound), the Routing settings will change so that it routes journaled emails to:
      • [portal name]-monitor.avanan.net
      • It was previously set to route emails through: [portal name]-host.avanan.net


Note: 

This will only affect the following accounts: 

  • The change will only be made to customers that used the default automatic onboarding or last re-authorized the Avanan application before 1.1.2024.
  • Customers that performed a manual onboarding are encouraged to make this change manually.
  • This change still ensures your emails are not routed outside the region of your portal.
  • If for some reason you do not want this change to be performed in your environment, please contact Avanan support.


Security Checkup Report Enhanced Scheduling

  • Administrators can schedule and generate Security Checkup reports for the last month, the last period and specific date ranges.
  • Until now, the report could cover the last 7, 14 and 30 days.
  • Avanan now allows administrators more flexibility, so that they can schedule reports to run on a monthly or quarterly basis and cover events from the last month, last quarter or a specific relative date range.


Enhanced Email Archive Import

  • Administrators can now import larger email archives efficiently.
  • With one import action through the UI, customers can now import up to 6TB of compressed email archive (previously - 150GB), and the automatically generated upload storage is available for 30 days (previously - 7 days).


Scoped Security Checkup Reports

  • Administrators can now generate and schedule Security Checkup reports for part of their organization.
  • When generating or scheduling Security Checkup reports, administrators can now select which users the report will cover, based on the value in the Company and/or Department fields in Azure Active Directory.
  • To do that, generate or schedule a report and under the Scope section, select whether the report will run on all users or a specific company/department.

  • When scheduling the report, you can also choose to add the selected scope to the subject of the email containing the report, by checking the Add scope to email subject box.



Smart Banners - Exclude Specific Sender Domains

  • Administrators can now avoid adding Smart Banners to emails from specific domains.
  • At times, organizations would like to refrain from adding Smart Banners to emails. It could be for automated emails received routinely from 3rd party systems, trusted senders, emails that must not be modified, etc.
  • Avanan now allows administrators to do this. 
  • You can exclude a sender domain from Smart Banners, go to User Interactions > Smart Banners > Settings and add the selected domains, separated by commas, in the Excluded sender domains box:


Enhanced Inline Protection for Internal Emails

  • Inline Protection for Internal Microsoft 365 emails is now available for all customers.
  • To configure inline inspection of internal emails – between two users in the same Microsoft 365 account – some customers needed help from support to enable it.
  • To configure inline protection for internal traffic, go to the Threat Detection policy, scroll all the way down and under Advanced Options, check the Protect (inline) Internal Traffic box.

DMARC Management Now Available

  • Avanan now deploys DMARC Management to help organizations make sure all legitimate senders are allowed so that you can confidently apply a restrictive policy tag in your organization's DMARC DNS record.
  • DMARC Management helps you safely transition to a restrictive DMARC policy. It includes:
    • Visibility to all the services sending emails on behalf of your domains and subdomains
    • Search all DMARC failed emails sent on the organization's behalf
    • Actionable DMARC record change recommendations.
  • Prerequisites
    • Periodically, email receivers send aggregated reports containing information on all emails they received from your domain, the IP address from which they received the emails, and the authentication results (SPF and DKIM) for each IP address. These reports are sent to the email addresses (RUA mailbox) defined in your domain's DNS DMARC record with the rua tag.
  • Here is a sample DMARC record content:
  • For more information, please contact support@manageprotect.com


MPaware

Enhanced Security Risk Assessment (SRA)

  • Newly enhanced Security Risk Assessment (SRA) is now available for BPP and HIPAA clients. This update streamlines the assessment process, saving time, simplifying compliance, and helping to address security gaps more effectively.
  • Modern User Interface: 
    • Condensed SRA Tabs: We’ve simplified the SRA experience by condensing the tabs from two to one, along with a visual refresh for both the main page and the work plan page.
  • Integrated Reporting (Partner Admin only):
    • Customizable Reports: Partner Admins can now customize and publish reports directly within the portal.
      • Previously, SRA reports were emailed as Word documents with an Excel work plan that required manual upload after customization. Now, reports are stored unpublished in the portal, allowing for seamless customization. Once finalized, they can be published with a single click, automatically notifying clients that their reports are ready.
    • Auto-Publish Option: If you'd prefer not to customize reports, you can now opt to auto-publish them.
      • With the auto-publish feature, reports can be automatically made available to clients without any manual adjustments. You have the flexibility to release reports instantly or schedule them for up to 14 days later, depending on your needs.
  • Enhanced Questionnaire
    • Questions have been added to both the HIPAA and cybersecurity questionnaires, ensuring a more comprehensive compliance check that aligns with evolving threats and modern security practices.
  • Compliance Scoring 
    • Introducing a new compliance score designed to help organizations accurately assess their current compliance status and monitor ongoing improvements.
  • All New Work Plan 
    • Dynamic Recommendations: Recommendations are now directly linked to the questionnaire. When a recommendation is marked as complete in the work plan, the corresponding question is automatically updated for future assessments.
    • Enhanced Work Plan Report: The updated Work Plan Report now features the Compliance Score, a Compliance Chart, and Identified Threats, enabling organizations to easily track their progress and compare it against the initial report.
  • Updated Reports
    • Our reports have been redesigned with a sleek, modern aesthetic that’s not only visually appealing but also more engaging and user-friendly.
  • Document Uploads 
    • You can now easily upload supporting documents directly when completing recommendations or answering questions in the questionnaire, ensuring all necessary information is captured in one place.
  • In-Portal Scheduling 
    • For clients with consulting services enabled, you can now effortlessly schedule calls using an integrated calendar once their risk assessment is complete. This eliminates the back-and-forth of coordinating calls, making the process smoother and more efficient.
  • Tutorial Videos 
    • We’ve introduced new tutorial videos to guide organizations through key areas of the assessment, ensuring they fully leverage all features and functionality for optimal results.


New Training Courses: OSHA for Healthcare & Fraud, Waste, and Abuse for Healthcare

  • New training courses are now available for clients with a HIPAA BPP, EVA MD, or HIPAA Compliance product. If you have the Partner HIPAA Compliance package for your internal team, you’ll also have access to these trainings.
  • OSHA for Healthcare Training: 
    • Comprehensive Coverage: Includes 16 individual courses covering essential safety topics for healthcare environments, including bloodborne pathogens, fire safety, MRI safety, and more. 
    • Expert-Crafted: Courses reviewed and optimized by an independent OSHA subject matter expert to ensure top-tier compliance and relevance. 
    • Efficient Learning: Courses range from 3 to 15 minutes, each concluding with a quiz to certify understanding. 
    • Multilingual Support: Courses come with English, Spanish, and French captions to accommodate diverse workforce needs. 
    • Regular Updates: Continuously reviewed to keep training current with the latest OSHA standards. 
    • Training Certification: Each course completion earns a personalized certificate, boosting compliance records. 
    • Ideal for: Healthcare providers needing to meet federal safety standards effectively and efficiently. 
  • Fraud Waste and Abuse (FWA) for Healthcare Training:
    • Targeted Training: A focused 12-minute course designed to educate on the crucial aspects of fraud, waste, and abuse in healthcare settings. 
    • CMS and OIG Compliant: Meets standards set by the Centers for Medicare and Medicaid Services and the Office of Inspector General. 
    • Case Study Approach: Utilizes real scenarios to illustrate fraudulent practices and their impacts on healthcare. 
    • Mandatory for Compliance: Essential for employees in Medicare Advantage Organizations and Part D Sponsors. 
    • Accessible Learning: Available in English, Spanish, and French to serve a diverse audience. 
    • Certification Included: Passing the end-of-course quiz grants a certificate, demonstrating compliance readiness. 
    • Continuous Education: Encourages annual retraining to maintain awareness and adapt to evolving regulations. 


Dark Web Domain Management

Enhanced features and streamlined processes have been added to the Dark Web feature. 

  • Interface Updates: The dark web interface has been updated to make the setup process more intuitive and efficient.  
  • Report Updates: Monthly and summary reports now include up to 200 breaches, along with visual upgrades for easier analysis.


Enhanced ESS Report Capabilities

  • The Employee Secure Score (ESS) Report now supports displaying up to 500 employees in the PDF, a significant increase from the previous limit of 100.
  • If you haven’t yet set up automated delivery of the ESS report for your clients, now is the perfect time to configure it.



Dropsuite 

Retention Policy Improvement: 

  • New features for both default and custom retention policies. From simple automated solutions to flexible customization, these enhancements provide more options for managing retention. 
  • Note: By default, data retention is set to unlimited and never delete. 
    • Backup-only Subscription: Only mail can have an assigned retention policy. Retention periods can be set for 14 months, 4 years, 7 years, or never deleted. If no specific period is set, it defaults to unlimited, with a banner prompting users to create one.
    • Archiver-type Subscription: Both mail and SharePoint can have assigned retention policies. Customizable retention periods for email range from 30 days to 11 years, with an option for unlimited retention. Recent enhancements for the Archiver-type subscription include a new default domain retention policy, simplifying the retention process by applying policies for all users at the domain level. Users can choose between default and custom retention options to meet diverse needs.


Feature Sunset: Relationship Page:

  • The 'Relationship' page on the End-User portal has been deprecated as of 16 September 2024. This page, which provided email connection visualizations, attribute details, and a download feature, will no longer be available. An improved version is in development and will be reintroduced in the future. No data will be lost during this transition.


Bug Fixes: 

  • System Status: Resolved the 504 error when accessing the backup status page.
  • NFR Period: Fixed the issue with auto-extension.
  • NFR Document: Updated the outdated document in the email attachment.
  • Review Process: Resolved the problem where the system displayed a loading bar without returning any result.
  • Email Notifications: Fixed the issue with the incorrect email body after successfully adding an account to the backup.
  • User Role Management: Fixed the mismatch between the list and the mini-FAQ.



MPmail

Control Panel Version 6.35.10.0:

  • New feature coming soon: 
    • The email type “Delivered” has been introduced for customer-level administrators. After releasing an email from quarantine, they can now both see the original email and the released email in the “Email Live Tracking” module



Workplace 

  • Workplace for Mac agent v10.5.2.91 is now available for download. This version includes full support for MacOS 15 (Sequoia).
  • The agent installer can be found here: https://us.workplace.datto.com/download