April 2023
    • 15 Nov 2024
    • 2 Minutes to read
    • PDF

    April 2023

    • PDF

    Article summary

    A number of security-focused features and enhancements were introduced. These are aimed to help you improve your Wasabi security posture. If you have any questions about new features, reach out to Wasabi Support (support@wasabi.com).

    Announcement Banner

    When you log in to the Wasabi Management Console, a banner will display announcing new products and features, special offers, service incidents, or scheduled maintenance. For example:

    This banner is visible on both the login screen and inside the Console.

    Managing Sub-User Activity Status

    Root users and sub-user admins can define a sub-user’s activity status as Active or Inactive. This enables you to effectively create more limitations to Wasabi Management Console access, further tightening security around your data. 

    Setting a sub-user as Inactive will deactivate their access keys and prohibit their entry into the Wasabi Management Console. Note, however, that setting sub-user activity status to Inactive will not delete the sub-user. 

    There are two ways to set sub-user account activity status. Root users and sub-user administrators can:

    1. Toggle on the Sub-User profile page to manually set the sub-user activity status as Active or Inactive in the User Details section, as described in Reviewing Details and Editing an Existing User: Active

    2. Automatically trigger Inactive status for sub-users by defining a number of days of inactivity in the Sub-User settings menu, as described in Defining User Password Settings.

      After X-number of inactivity days, the sub-user is inactivated. The root user will have to toggle the sub-user back to Active in the Sub-User profile, as indicated in Option 1 above and described in Reviewing Details and Editing an Existing User: Active.

    New Customizable Terms of Use

    The Terms of Use feature applies if you are in an industry or business (state and local governments, healthcare, education, and so on) that requires your users to acknowledge specific terms of use before they access sensitive data. This feature is flexible and can be used for a variety of use cases that may not be mentioned here. You can specify a Terms of Use that your users must agree to or acknowledge before entering the Wasabi Management Console. For example:

    As described in Defining and Displaying Terms of Use, a root user can access the Terms of Use feature on the Settings page, an specify the specify up to 3,000 characters of text that all users (including the root user) will see upon successful login.

    New Root User Password Settings

    Root users can define the number of:

    • Failed login attempts before the Root account is locked out.
    • Minutes that the Root account is locked out for, after X-number of failed login attempts. 

    These can be managed in the Root User Password Settings menu on the Settings page of the Wasabi Console. Refer to Defining the Root User Password Settings for details.

    Access to Audit Logs

    A new predefined Wasabi policy, WasabiViewAuditLogs, gives users (in addition to the root user) access the administrative logs found in the Compliance Logging section of the Wasabi Management Console. You can apply the WasabiViewAuditLogs policy to users (auditors, compliance specialists, and so on) who should be able to view, filter for, or download administrative logs.



    What's Next