🆕Two-Factor Authentication, App Productivity & Admin Logs (v7.0.1)

CurrentWare version 7.0.1 is here! With this release we’re excited to announce the introduction of two key security features: Two-factor authentication (2FA) and our first two admin activity logs!

These enhancements provide an extra layer of security to help ensure that only trusted operators are accessing your admin console while providing greater visibility into what they are doing within the CurrentWare Suite.

Here’s what’s new in CurrentWare version 7.0.1:

1. New Security Features—Two-factor authentication (2FA) & admin activity logs
2. BrowseReporter Tracking Improvements—Factor in application use into the employee productivity score | Track visits to intranet web pages, portals, and IP addresses | Weekly performance report email
3. Quality of Life Improvements—BrowseReporter’s dashboards load up to 200% faster, we’ve integrated an improved SMTP client for email reports/alerts, and various smaller fixes

CurrentWare 7.0.1 is fully compatible with Windows 11 and previous versions of Windows. See our system requirements for full details.

Learn more about updates to CurrentWare in the release notes.

New Security Features

With version 7.0.1 we’re excited to introduce two new security features: Two-factor authentication (2FA) & admin activity logs. 

Security enhancements such as these are essential layers of protection for further ensuring that only trusted operators and admins have access to review data and make changes to security policies. 

Future releases will build on this first batch of admin activity logs with greater visibility into how trusted operators are interacting with the CurrentWare Suite, allowing security and compliance teams to keep records of admin interactions within the web console.

Two-Factor Authentication (2FA)

The introduction of 2FA to the CurrentWare Suite provides an extra layer of security to ensure that administrator and Operator accounts are only accessed by trusted users. 

Once 2FA is set up the admin/operator will enter their password as normal. Following that, they will be prompted to provide a second factor of authentication such as a time-based one-time password (TOTP) sent via SMS or via an authentication app.

CurrentWare version 7.0.1 supports SMS and authenticator apps such as Google Authenticator or Microsoft Authenticator as second factors for 2FA.

2FA enforcement can be set to either Strict or Moderate. With Strict 2FA all operators/admins are required to set up 2FA before they log in. With Moderate 2FA all operators/admins have the option to use 2FA but it is not required.

Learn More: How to Enable Two-Factor Authentication in CurrentWare

About Operator Accounts

The added authentication and admin activity auditing features introduced in version 7.0.1 build on an existing feature within the CurrentWare Suite: Operator Accounts

All of the modules in the CurrentWare Suite support Operator Accounts. These password-protected accounts are created by the administrator to provide trusted employees with access to select functions or user/PC groups within the CurrentWare Suite. 

Operator Accounts are assigned permissions by the administrator to limit what modules, specific features, and groups of users/computers that each Operator can interact with.

Example Use Cases for Operator Accounts:

• Allow managers to only access the computer activity data of their direct reports
• Provide managers/teachers with the ability to unblock websites that their users need access to
• Give analysts direct access to user activity data without allowing them to make changes to security policies
• Allow non-admin IT staff to selectively monitor and control specific functions within the CurrentWare Suite

With the introduction of 2FA and admin activity logs both administrators and trusted Operators can be further secured to help mitigate the risk of unauthorized access or improper use of the CurrentWare Suite. 

Learn More: How to Assign Operator Permissions

Admin Activity Logs

UPDATE: Version 7.0.2 (released September 2022) introduced the Audit Log. With the audit log, the CurrentWare Suite now documents every change made to your CurrentWare security policies and configurations, which operator was responsible for the change, and when the change occurred. | Learn More

In version 7.0.1 we have introduced the first two admin activity logs: Web Console Login Activity and BrowseControl Client Policy Updates. Both logs can be exported to a CSV or PDF file. Only those with the Administrator role can see these logs.

In future releases we will provide additional admin activity logs that provide greater insights into how trusted admins and operators are interacting with the Web Console. 

Web Console Login Activity

The information provided in the login activity report provides records of the operators and administrators that have logged into the CurrentWare Web Console.

The ability to track the login activity of admins and Operators within the CurrentWare Web Console is an important security measure for deterring and detecting anomalous activity. 

The Web Console Login Activity log provides the following information:

• Timestamp
• Operator Name
• Login Status (Success/Failed)
• Operator Role
• Operating System
• Browser
• Language
• 2FA Status (Enabled/Disabled)

Note: This is not the same as enPowerManager’s user logon auditing report; that report tracks login/logout times on endpoints. The new sign-in activity log specifically tracks logins to your CurrentWare Web Console by your administrators and operators.

Learn More: How Do I See Recent Login Activity?

BrowseControl Client Policy Updates Log

The new web filter client update log for BrowseControl provides a simple and convenient way for administrators to verify that their security policies are being received as expected by each of their client computers.

This log is particularly useful when managing remote and hybrid users as the CurrentWare Client typically connects to the CurrentWare Server via the internet. If an offsite device is offline during a policy update its CurrentWare Client will typically receive the update as soon as the device reconnects to the internet and the Client reconnects to the CurrentWare Server; the client update log can then be used to verify that the policy was updated as expected.

In the event that a client fails to automatically update as expected the administrator can simply click the refresh button under the action column in BrowseControl’s client update log to push the policy update to the client again. 

NOTE: Under normal circumstances, the CurrentWare Server and Clients will automatically sync any pending policy updates. BrowseControl’s web filter client update log provides an added layer of verification that the client computers have successfully received the latest security updates.

The Web Filter Client Update Log provides the following information:

• Timestamp
• Name of the client computer that received the policy update
• The group that the client computer belongs to
• # of URLs/Categories updated

Learn More: How Do I Verify That My Client Computers Are Getting The Latest BrowseControl Filtering Policies?

Tracking Improvements for BrowseReporter

Track Intranet Web Pages, Portals, and IP Addresses

Previous versions of BrowseReporter focused on tracking URLs/Domains. With the release of version 7.0.1 we’ve expanded the scope of BrowseReporter’s user activity tracking to include the ability to track intranet web pages, portals, and IP addresses that users visit.

This improvement will allow organizations to get insights into how their users are spending their time within internal resources and internet/intranet pages that don’t have a URL/Domain structure. 

Track Productivity Based on Both App & Internet Use

In previous releases, BrowseReporter’s productivity tracking created a productivity score based on the amount of time spent on unproductive vs productive vs neutral internet browsing. This allowed organizations to get a high-level overview of how much time was spent browsing work-related vs non-work-related websites.

In version 7.0.1 BrowseReporter’s user productivity tracking reports and dashboards will now also factor in unproductive vs productive vs neutral application use as part of the productivity score. 

This update helps improve the utility of the productivity score by factoring in non-work-related software use such as computer games.

BrowseReporter includes default productivity gradings for websites and applications. These gradings are fully customizable within the Productivity Grading window, allowing you to adjust the productivity score to fit the context of your organization.

For example, you can set work-related apps and websites as productive, default system apps as neutral, and computer games and social media as unproductive.

Learn More:

• How to Track Productivity With BrowseReporter
• How Is The Productivity Score Calculated?

Weekly Performance Report Email

This new email report for BrowseReporter sends a summary of your team’s productivity over the course of the week. The report can be sent to as many designated inboxes as needed.

When setting up the report you can choose which groups of users or computers are included in the performance report and which inbox(es) the report will go to. 

For example, you can set up a weekly performance report email that sends a manager a weekly summary of the performance of their direct reports.

Here’s what’s included in the weekly performance report email:

• Date range
• A list of which users/computers are included in the report
• Productivity score of the whole team + the % change from the previous period
• Amount of productive time 
• Amount of unproductive time
• Amount of active time
• Top 5 websites visited, how long was spent using each, and their productivity classification
• Top 5 applications used, how long was spent using each, and their productivity classification
• A breakdown of the Top 10 most productive users with their name, productivity score, time spent being productive/unproductive/neutral, and their overall active time

Learn More: How to Set up the Weekly Performance Report Email

Quality of Life Improvements

With each CurrentWare release we include quality of life improvements such as performance improvements, bug fixes, and minor features that make the CurrentWare Suite even easier to use. Here is an overview of the latest quality of life improvements in version 7.0.1.

1. Improved Email Client: Replaced SmtpClient with MailKit, an improved cross-platform .NET library for IMAP, POP3, and SMTP. The inclusion of MailKit will greatly improve the performance and usability of email reports and alerts, particularly for large organizations with several alerts and reports configured.
2. Dashboard Performance: The performance of BrowseReporter’s user activity dashboards have been increased significantly, allowing them to load data up to 200% faster.
3. Special Characters: We’ve added support for additional special characters in the Web Console.
4. Optimizations & Bug Fixes—The CurrentWare team is committed to providing an easy-to-use and high quality product. In each release we dedicate time to optimizing the performance and usability of our solutions. This version introduces 30+ minor changes and bug fixes.

Conclusion

CurrentWare version 7.0.1 is available now. To get access to the latest features you will need to update your CurrentWare deployment. If you’re new to CurrentWare you can get started today with a free 14-day trial of the latest version.

See More CurrentWare Product Updates:

• Audit Logs, Activity Drilldown, USB File Blocking Upgrades (v7.0.2)
• Two-Factor Authentication, App Productivity & Admin Logs (v7.0.1)
• AccessPatrol USB Activity Dashboards & User Idle Time Alerts (v7.0)
• Data Dashboards for BrowseReporter Monitoring Software (v6.0.2)
• Screenshot Monitoring, Request URL Unblocking, & More! (v6.0.1)
• Web Console & Let Employees See Their Data On-Demand (v6.0)
• Full Historical Release Notes