Release Notes

Introduction

This release notes offer brief, high-level descriptions of the new features of HaloSHARE. We recommend looking through these release notes before installing HaloSHARE to understand any current limitations or bugs that apply to this version of the software.

Product Description

HaloSHARE, a labeling solution, can easily overcome the challenge by encrypting the files without user intervention with a simple drag-and-drop into a specific local folder on a HaloSHARE-installed machine. This means that any file moved within the HaloSHARE's radius (configured folder) is encrypted and protected from accidental file sharing and unauthorized access. As a result, this labeling solution protects your data as it travels within and outside of your organization.

System Requirements

The following system requirements table specifies the minimum and recommended technical specifications, such as software and network resources, necessary to run the product.

Components

Details

Operating System

Supported in Microsoft Windows Server: 2016 and above. Note: HaloSHARE can also run on a Windows client machine, but it is recommended to run it on a server system.
Requires .NET Framework 4.6.2 and above.
Latest Windows system updates installed.

Office 365 Subscription

An Azure subscription is required to use Azure RMS and the MPIP functionality.
A working Microsoft Entra ID service must be available.
Microsoft Purview Information Protection must be fully configured.
HaloSHARE creates an outbound network communication with Microsoft Azure Services.
TLS 1.2 or higher must be enabled to ensure the use of cryptographically secure protocols.
Register an application to get the Application (client) ID and Tenant ID in the Azure portal.

Requirements

Recommended URLs, Addresses, and Ports for MPIP

MIP SDK doesn't support the use of authenticated proxies. So, make sure you set the Microsoft 365 service endpoints to bypass the proxy. View a list of endpoints at Microsoft Online Documentation. However, Microsoft recommends the following:

Addresses	Ports
`*.protection.outlook.com` `40.92.0.0/15`, `40.107.0.0/16`, `52.100.0.0/14`, `52.238.78.88/32`, `104.47.0.0/17`, `2a01:111:f403::/48`	TCP 443
`.aadrm.com`, `.azurerms.com`, `.informationprotection.azure.com`, `ecn.dev.virtualearth.net`, `informationprotection.hosting.portal.azure.net`,`.office.com` (add `substrate.office.com` if you don't want to add all sub-domains), `crl3.digicert.com`, `crl4.digicert.com`.	TCP 443
For event logging `*.events.data.microsoft.com`	TCP 443
National Cloud	Microsoft Entra ID authentication endpoint
Microsoft Entra ID for the US Government	`https://login.microsoftonline.us`
Microsoft Entra ID (global service)	`https://login.microsoftonline.com`

Recommended endpoints

Secude License Manager

To communicate with Secude License Manager, the following URL and port must be whitelisted in the customer's proxy:

Address	Port
License API - api.licensespring.com	TCP 443

Recommended license manager endpoint

Code Quality and Security

Secude focuses on software quality and security. This is accomplished by adhering to and exceeding best practices in development, testing, and quality control. Secude has chosen SonarQube as the first building block for building and implementing a robust continuous code quality assurance (QA). SonarQube is a platform for statical code analysis for continuous inspection of code quality. It performs automatic reviews of code to detect bugs, code smells, unit test coverage, and security issues in 29 programming languages.

SonarQube is utilized throughout the development process at Secude and only the highest marks are accepted for a product to be released. It helps to regulate code quality from the beginning of development, find and repair issues promptly, and improve overall software stability.

Each build report can be found under its relevant version heading in this release notes.

Reliability Rating

A = 0 Bugs
B = at least 1 Minor Bug
C = at least 1 Major Bug
D = at least 1 Critical Bug
E = at least 1 Blocker Bug

Security Rating

A = 0 Vulnerabilities
B = at least 1 Minor Vulnerability
C = at least 1 Major Vulnerability
D = at least 1 Critical Vulnerability
E = at least 1 Blocker Vulnerability

Security Review Rating

The Security Review Rating is a letter grade based on the percentage of Reviewed (Fixed or Safe) Security Hotspots.

A = >= 80%
B = >= 70% and <80%
C = >= 50% and <70%
D = >= 30% and <50%
E = < 30%

Maintainability Rating

A=0-0.05, B=0.06-0.1, C=0.11-0.20, D=0.21-0.5, E=0.51-1

The Maintainability Rating scale can be alternately stated by saying that if the outstanding remediation cost is:

<=5% of the time that has already gone into the application, the rating is A
between 6 to 10% the rating is a B
between 11 to 20% the rating is a C
between 21 to 50% the rating is a D
anything over 50% is an E

Build 1.1

New Features

This section lists the new features in the current release.

Support for enabling the FIPS module has been added to the installer UI and administration tool. HCFP-127
Support has been added for masking and allowing clear text visibility of Personally Identifiable Information (PII) in the MIP SDK logs using the registry key block_pii. HCFP-162, HCFP-163
Support for relabeling an existing label on a protected file by selecting a suitable label in the HaloSHARE configuration UI. Additionally, it is also possible to remove protection by applying the Remove Protection label. This feature is exclusive to MPIP labels only and is achieved by enabling the registry key enable_relabeling=on. HCFP-160

Fixed Issues

This section lists the fixed issues in the current release.

Fixed an issue that caused an "unhandled exception error" when the Add Supplier button was clicked after an incorrect value was previously entered in the Folder path field and subsequently the correct value was input in the same field. HCFP-147

Known Issues

There are no known issues in the current release.

Quality Gate Report

Please see the table below for a list of SonarQube's key parameters for this version. Refer to the "Code Quality and Security" section for more information on rating definitions.

Metric	Value
Coverage	81.6%
Maintainability Rating	A
Reliability Rating	A
Security Hotspots Reviewed	A
Security Rating	A

Quality Gate report