What's New in SimpleHelp 5.0.15
SimpleHelp 5.0.15 introduces a number of enhancements to better protect the privacy of your customers.
For a detailed list of changes in all our releases see our Release News page.
See what was new in the previous release SimpleHelp 5.0.
SimpleHelp 5.0.15 introduces a number of changes that aim to allow SimpleHelp server administrators to better protect the privacy of their customers and end users. These changes will not fully protect your SimpleHelp server data if the server is compromised, but they do make it harder for sensitive data to be collected. This document details these changes.
Server Asset Encryption
SimpleHelp will now migrate and encrypt the following server-side resources:
- Server Configuration - personally identifiable information in the server configuration file, such as technician names and email addresses, is now encrypted. The server is still able to read unencrypted entries, but all subsequent configuration saves are encrypted.
- Session History - when a 5.0.15 server starts up for the first time it will encrypt every historical session stored in the session history repository. This includes session recordings that have been synchronised to the server.
- Technician Recordings - new recordings stored on technician machines will be encrypted.
- Invitations - invitations, which may contain sensitive information such as customer details, are now encrypted on disk.
- Logs - the 5.0.15 SimpleHelp Server will write to the standard unencrypted server.log file until the server binds successfully to the ports requested. At this point the server will switch to an encrypted logging stream stored in the logs directory.
- Technician Images - technician account images are now stored encrypted on disk.
Encryption of resources begins as soon as the server is started up, and may take some time. During this time the server will use additional memory and CPU resources while encrypting. This is a process that will only happen once. The server will send out the following notifications to the SimpleHelpAdmin user when encryption has started and is complete:
Viewing Encrypted Logs
The SimpleHelpAdmin technician can log into the Technician Console and view the server logs in the Administration tab at any time. The Server Log section has been redesigned to more easily let you view and download SimpleHelp server logs.
Technicians can now select the time period that they wish the logs view to show, making it easier to track down a specific portion of the log if the server has been running for a long time. The Download action now allows technicians to fetch the entire server log. Additionally, the admin.bat / admin.sh server script can also decrypt server logs.
Other Privacy-Related Changes
- History Session Removal - technicians can now remove session history items from the History tab in the technician console.
- Privacy Footer - it is now easier to include footer text on the HTML pages that SimpleHelp serves. Any text placed in configuration/html/footer.html will be included on the welcome page and each download page.
Custom Private Encrypt Keys (Advanced)
SimpleHelp uses a set of internal private keys to encrypt the data stored by the SimpleHelp server. This encryption means that it is harder for a malicious user to extract sensitive information from this data. For additional security, you can configure SimpleHelp to use a custom encryption key specific to your SimpleHelp server installation.
- Custom encryption keys will be used for all assets when encrypting resources. Existing resources will not be re-encrypted with the new keys.
- The custom encryption key is stored on disk in a password-protected asset. This password must be provided when custom key encryption is set up.
- Every time a SimpleHelp server restarts, the password must be provided in order to gain access to the custom keys.
[Warning] If you forget or lose the password, or lose your backup of the encryption keys, your data cannot be decrypted. There is no master password or other fallback mechanism.
In order to configure custom keys for your server see our Custom Keys article.
Clustering and Peering Changes (Enterprise)
In order to provide better, more secure communications between SimpleHelp servers (peering or clustering) we've changed the way that servers authenticate with each other. This change ensures that auxiliary servers are able to authenticate in a limited fashion with other SimpleHelp servers, thereby minimising the exposure of a SimpleHelp server if its peers are compromised.
This is, however, a breaking change. If you are using clustering or peering, these will need to be reconfigured. SimpleHelp servers running v5.0.15 or later cannot communicate with v5.0.14 or earlier server versions.