Versie 9.1van ownCloud server is uitgekomen. OwnCloud is een opensourceproject waarmee het mogelijk is om in eigen beheer cloudopslag te draaien. Het is eenvoudig op te zetten, want het enige dat je nodig hebt, is een server waarop php en MySQL draaien. Behalve het opslaan en delen van bestanden is het ook mogelijk om bijvoorbeeld muziek te streamen of een agenda en adresboek bij te houden. De server heeft Linux nodig, clients zijn beschikbaar voor Windows, Linux, macOS, Android en iOS. Nieuw in versie 9.1 is onder meer de mogelijkheid om in te loggen door middel van een tweetrapsauthenticatie.
ownCloud 9.1 Comes with Integrated Two-Factor Authentication
Today ownCloud announced the availability of Version 9.1 of its file access software. The new version comes with numerous improvements for community and enterprise users. Users of the ownCloud Community Edition can now conveniently update and install ownCloud Contacts, ownCloud Calendar and ownCloud Mail from the App Store. The issue of authentication has also been addressed, primarily for use in enterprises, but also for private users.
“We have incorporated several improvements and new features into ownCloud v9.1 that makes using it faster, more stable and secure,” states Holger Dyroff, COO responsible for product strategy at ownCloud. “Besides addressing advanced two-factor authentication and the improved handling of Windows network drives, these improvements also include permalinks for internal shares and tagging at a group level, which enterprises were particularly interested in seeing. What’s special about this is that most of the changes are available in the Community and Enterprise Edition.”
Integrated 2-Factor Authentication Provides More Security
Until now, it has only been possible to perform secure two-factor authentication using SAML/Shibboleth. In the new version of ownCloud, the authentication method has been modified to allow additional technologies and tokens to be used via plugins. This not only improves access security, but also provides administrators with an option for disabling individual tokens. Time-based one-time passwords (TOTP) enable users to automatically increase the security of their accounts by using services like Google Authenticator or the open-source implementation of the TOTP standard.
Based on the new framework, external providers can develop apps that also prompt the user for a second factor when they login with their ownCloud password. This prevents traditional brute force attacks and protects sensitive data even more reliably. Users can only access their data if they know their password and are also in possession of the second factor. One example of this type of extension is privacyIDEA from NetKnights GmbH, that makes flexible, multi-factor authentication possible. In this case, ownCloud forwards verification of the second factor to the privacyIDEA authentication server. Here, different token types, such as traditional hardware one-time password tokens, smartphones or YubiKeys can be used. You can find out more about privacyIDEA at: https://netknights.it/produkte/privacyidea/
Workflow Engine and Windows Server Notifications
The workflow engine represents a powerful new feature for enterprise customers. Triggers can be placed on new or modified files, while scripts of any type can be run. This allows documents to be converted automatically into PDFs or sent to a specific recipient by e-mail. In conjunction with the retention app, the file firewall and integrated tagging, it also allows numerous workflows to be addressed for integration into business processes.
Another highlight of the new version is the handling of Windows network drives – until now, SMB shares needed to be scanned periodically for changes, because the server could not process automatic notifications. This led to problems, especially on large enterprise installations, where scanning files on volumes containing 100,000 files or more took too long, new changes usually took place before the scan was complete. ownCloud 9.1 Enterprise can now handle notifications directly from Windows network drives as a technology preview, making complete file scans obsolete.