ownCloud Version Brings Improved Password Policy, Object Storage Integration and Pending Shares Feature
Integration of S3 Object Storage enables administrators to operate ownCloud in storage systems that will grow along with requirements.
This is a Press Release edited by StorageNewsletter.com on July 27, 2018 at 2:16 pmWith version 10.0.9, ownCloud GmbH‘s more than 25 million users will receive increased options for sharing files securely and flexibly.
The integration of S3 Object Storage enables administrators to operate their ownCloud in storage systems that will grow along with their requirements.
The systematic adaptation of versions and deleted files has also improved performance when saving and deleting files in object storage and the ‘Password Policy’ app will provide users with a useful tool for defining individual rules for data protection. Password policies can now be defined for all users and a password history prevents previously used passwords from being set and the ability to accept or reject pending shares of received files provides additional control and security. Other apps such as ‘Activity and Gallery’ have also been updated.
The version 10.0.9. and the corresponding ownCloud apps are available for download at the company’s website and and marketplace.
The innovation in the version 10.0.9 is the introduction of the ‘Pending Shares’ function. In previous versions, shared files were automatically added to the recipient’s server and client. In an attempt to more easily manage these shares and to increase the personal freedom of the user, incoming shares can now be given a ‘pending’ status, which gives users the option to selectively accept or reject files. The new notification framework also allows users to be notified about newly released files via email, the notifications button in the web iew, or within the desktop client.
With the introduction of Pending Shares, the developers have responded to the desire of many users for more flexibility and usability. Users now have an overview of their shared files and the ability to accept shares that have previously been rejected. With the ‘Exclude groups from sharing’ option, administrators can also individually define the rights of specific users or entire groups; files will no longer be shared by certain users if they are in a specific group.
Object storage for everyone
The S3 API is now natively supported. With the integration of S3 Object Storage, users have the option to operate their ownCloud with Object Storages. This development improves the handling of file versions and deleted files, which are displayed directly via an S3 API function, allowing unlimited file sizes. The feature, which was previously only part of the ownCloud Enterprise Edition, is also available to the community without restriction and is important for users who want to use decentralized object storage solutions when modernizing their storage infrastructure. This often enables an even more cost-effective operation with the company. With the decision of the S3 protocol, the firm follows the general market trend in which the use of object storage is becoming increasingly more important. Soon, the company will certify object storage software and systems for the Enterprise Edition.
Compliance, audit and GDPR
To meet the additional security and compliance requirements of the EU GDPR, operators of ownCloud have the option to set links to the imprint and the data protection declaration directly via the admin settings, which are then displayed on all pages of the web interface and in the footer of notification emails.
For the administrators of enterprise, there are new events in the audit log to further improve auditing capabilities. Information about user changes, sending public links by email and accepting/rejecting approvals can now be displayed in the audit log. The output format has also been optimized for external analysis tools such as Splunk. Administrators can now switch to the new ‘admin audit’ app and adjust the dashboards accordingly for evaluation.
Additional protection through extended password policies
With the release of Server 10.0.9, a major version of the ‘Password Policy Extension’ has been released for all users. Up until now, the feature was only available to enterprise solution customers. The app includes features that allow administrators to define certain rules, asking users to change their passwords under certain conditions. For example, administrators can prevent the last ten passwords from being re-selected by a user. Admins can ask users to create a new password the first time they log on. In addition, expiration dates can also be set for individual passwords, forcing a change every 90 days. Users are informed by email in a configurable number of days before or after the password has expired. Installing the policy extension makes sense for users and organizations that manage personal and other business-critical data, as strict password rules minimize the risk of brute force attacks.
In addition to these major developments, the version 10.0.9. brings other improvements such as password reset emails that can be sent and adapted as HTML. Internet Explorer 11 and Microsoft Edge users now benefit from handling of large files. Small errors in the handling of checksums to check the file integrity with the ownCloud Desktop Client have also been fixed.
Resources:
Overview of all change
Release notes