Release Summary
This release introduces the Atakama Keyshard Server (KSS). Unlike traditional key servers, the KSS holds key shards only, thereby eliminating a central point of attack and failure. Organizations can use the KSS for three primary purposes:
- Ensure automated processes can run as expected without the need to have users launch sessions for file decryption events.
- Use the KSS to decrypt files without the need for users to use mobile devices.
- Use the KSS to manage user sessions to eliminate the need for mobile device activity.
The KSS can be deployed to approve requests based on preconfigured policies that are controlled by the administrator, thereby allowing intended operations to perform file decryptions. KSS policies consist of a series or combination of rules and rule sets.The KSS instance and its profile are used to directly support its intended functionality, which is to perform decryptions. The KSS cannot be used to share encrypted files with end users.
New Features
- Administrators can now configure Keyshard Servers to manage user sessions. End users can initiate sessions on their mobile devices, then temporarily transition the session to the Keyshard Server for all subsequent requests during the session.
- When activating a Secure Folder, administrators can now verify that the Security Group has been approved for use in that folder by a trusted Atakama Profile.
- It is now possible to activate and grant access to Secure Folders from the command-line interface.
- The "atakama file info" subcommand has been added to the command-line interface.
- Administrators should now see a popup notification when performing a recursive encryption, with the option to cancel the encryption process.
Upgrade Notes
- Secure Folders now have global identifiers. When performing a sharing action on an existing Secure Folder, users may be prompted to supply a global identifier for the folder if one does not already exist.
Bug Fixes and Performance Enhancements
- The performance of directory listings has been greatly improved.
- The "Grant Access" button in the Access Management window is now more prominent.
- Resolved a bug that caused temp Office files (e.g., ~$xyz.docx) to be encrypted while running a recursive encryption process from the command-line interface.
- Resolved a bug that would prevent Atakama from starting when "Run as Admin" was used to launch Atakama.
- Memory consumption was optimized on Atakama startup.
- Improved reliability when shutting down Atakama followed by immediate start up.
- Improved error logging related to flawed Secure Folder paths in the command-line interface.
- When using the command-line interface or context menu to encrypt empty files, the resulting .kama file will also be empty to save disk space.
- Resolved an issue with unexpected MofNops requests being triggered.
- Desktop.ini files created by Windows and other software are now hidden within the Atakama Vault.
- Improved handling of Atakama Vault paths longer than 260 characters.
- Resolved an Explorer crash bug that impacted some Windows 11 users.