What's New in Hub Business 2024.1
2024.1 (March 2024)
SUMMARY
After offering you a mid-release in January, we’re bringing you even more features in the new 2024.1 update!
- NEW: Single Sign-on Self-hosted Encryption Service
- IMPROVED: Gateway Installation and Management
- IMPROVED: Defaulted the vault selector position to ''In the Sidebar''
- COMING SOON: Passkey Credential Entry
NEW: Single Sign-On (SSO) Self-hosted Encryption service
Organizations using SSO authentication will be thrilled by the arrival of the Encryption Service. This self-hosted service eliminates the need to send individual invitations to users from your SSO provider. Enable seamless onboarding across multiple devices by automatically providing your users with the Hub encryption key.
What is the Hub Encryption key?
Sensitive data in Devolutions Hub is securely encrypted, ensuring that no one besides you can read it — not even Devolutions. We strictly adhere to a zero-knowledge encryption concept to protect your data.
To decrypt and access your data, a unique key is needed. Generally, this key is tied to your Devolutions account password. Every Devolutions Hub user's account password acts as its own private key.
However, users who sign in to Hub via their SSO ID provider (IdP) often won’t have this password. During the onboarding process, we encourage users to store their Private Key using one of two methods: either by downloading a QR code or by setting up push-notification validation with the Devolutions Workspace Authenticator.
Normally, a device and browser will recognize the current user accessing Hub, eliminating the need for this Private Key. However, the Private Key is required when the user switches devices or browsers, since they will be prompted to validate themselves with this key using their chosen storage method.
To avoid this inconvenience, we recommend installing the Encryption Service. Whether you’re already set up or want to start using SSO, the new Encryption Service will facilitate seamless user onboarding — Install it today!
Requirements
- A self-hosted server on which to install the Encryption Service
- A trusted SSL certificate.
- A network port that is reachable from within the local network and, if applicable, from the Internet.
Recommendations
- We recommend installing the Encryption Service on an Azure Virtual Machine, with an Azure template coming soon.
- If you have Remote Desktop Manager (RDM) users who use offline access, we recommend that you enable the Hub system setting, **“**Force Application Password on RDM.” This setting will force RDM users to set the security option “Application Password” in RDM. With an added application password, additional local Remote Desktop Manager files are encrypted.
IMPROVED: Gateway installation and management
Devolutions Gateway is a secure remote network access relay that provides authorized just-in-time access in segmented internal networks. Once installed on a self-hosted server and configured in Hub, Gateway enables users to open secured sessions directly in Remote Desktop Manager or through the browser within Hub itself without needing a VPN.
We’ve made several improvements to Gateway’s integration with Devolutions Hub:
- Improved Gateway installer for simplified configuration
- Direct Gateway configuration updates from Hub with the “Publish Gateway configuration” action
- Clearer connection status icons and one-click open session termination
- Quick access to Gateway logs to troubleshoot issues
IMPROVED: Defaulted the vault selector to “in the sidebar”
During the Hub mid-release, we gave you a sneak preview of the 2024 UI when we introduced the new “in the sidebar” vault selector position. With the arrival of the 2024.1 release, the sidebar is the official default position for the vault selector! With the first updates to the look and feel of our products now complete, we hope you love the changes as much as we do.
Don’t worry, if ever you want to change the position back to “on top of the tree view,” you can quickly do so in the user interface preferences.
COMING SOON: Passkey credential entry
In just a few weeks, the Devolutions Workspace browser extension will be able to store Passkeys within Hub! Passkey support is a big part of our efforts to make signing in without passwords easier.
Once you create a Passkey on any site, save it to Hub with the Devolutions Workspace browser extension .This feature automatically allows the browser extension to sign in to websites using your stored Passkey.