{"id":100508,"date":"2022-06-14T18:28:44","date_gmt":"2022-06-14T18:28:44","guid":{"rendered":"https:\/\/www.sperrysoftware.com\/Email-Tools\/?p=100508"},"modified":"2022-06-15T16:35:36","modified_gmt":"2022-06-15T16:35:36","slug":"tightening-security-in-safeguard-send-for-office-365","status":"publish","type":"post","link":"https:\/\/www.sperrysoftware.com\/Email-Tools\/tightening-security-in-safeguard-send-for-office-365\/","title":{"rendered":"Tightening Security in Safeguard Send for Office 365"},"content":{"rendered":"<p>As <a href=\"https:\/\/www.sperrysoftware.com\/Email-Tools\/product\/safeguard-send-for-office-365\/\">Safeguard Send for Office 365<\/a> matures, it&#8217;s important to tighten up security as more and more customers begin using it.\u00a0 As a result, we will be implementing security features in the add-in, <i>and if you use this add-in, some changes will impact you in the next 30 days<\/i>.\u00a0 We have implemented the following:<\/p>\n<p>1) <strong>We turned off debugging by default<\/strong>.\u00a0 You can always turn it back on, but previously it was the default to have it on during the early stages of development.\u00a0 As the add-in gets more use, we no longer need all that information and are defaulting to not having debugging enabled for all users.<\/p>\n<p>2) Although using &#8220;https&#8221; is the default for the add-in, it was possible to be able to also use the non-secure version if needed (that is, by using just &#8220;http&#8221;).\u00a0 Going forward, <strong>we now force the use of &#8220;https&#8221;<\/strong>.<\/p>\n<p>3) In combination with #2, <strong>we also force TLS 1.2<\/strong> (we previously allowed TLS 1.0 and 1.1).<\/p>\n<p>4) Previously, the add-in fetches your rules by calling out to our server and it uses your email address in the URL to get your rules.\u00a0 <strong>We now embed any email address into the body of the fetch instead of being in the URL<\/strong>.\u00a0 This required a change to both the client side and the server side of the add-in.\u00a0 Note that because we use https and not plain old http, that the email address was never in danger of being exposed &#8211; but some web analyzers can capture the complete URL you are navigating to and as we grow we want to avoid prying eyes wherever possible.<\/p>\n<p>5) <strong>We now enforce the use of API-Keys<\/strong>.\u00a0 This is a &#8220;secret handshake&#8221; between your browser and our server (this is different than just https encryption).<\/p>\n<p>6) <strong>We now perform request validation checks<\/strong> to prevent script attacks.<\/p>\n<p>7) <strong>We implemented a new installation URL<\/strong> (https:\/\/addins.sperrysoftware365.com) for both better security and greatly improved performance (through the use of a cache known as a CDN).<\/p>\n<p>These last two changes are big because they will be a breaking change &#8211; that is, <i>once implemented it will prevent your current version from working unless you upgrade.<\/i><\/p>\n<p>The first part of this upgrade took place over the last 30 days.<\/p>\n<p>The next part is up to you, because <strong>you have until Wednesday, July 6th to <a href=\"\/Email-Tools\/how-to-remove-office-365-apps\/\">remove<\/a> and <a href=\"\/Email-Tools\/installing-safeguard-send-for-office-365\/\">re-add the add-in<\/a><\/strong>.\u00a0 We will of course send out reminders until that time to make sure that no one gets locked out when we finalize the changes on Wednesday, July 6th.<\/p>\n<p>We expect this inconvenience to be a one time event.<\/p>\n<p>To help you, we have refreshed our guide to removing and re-adding the add-in.\u00a0 <strong>You can begin by following our guides to <a href=\"\/Email-Tools\/how-to-remove-office-365-apps\/\">removing the add-in<\/a>, then <a href=\"\/Email-Tools\/installing-safeguard-send-for-office-365\/\">adding it back in<\/a><\/strong>.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As Safeguard Send for Office 365 matures, it&#8217;s important to tighten up security as more and more customers begin using&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,18],"tags":[2830],"class_list":{"0":"post-100508","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-message","7":"category-technical-support","8":"tag-safeguard-send-for-office-365"},"menu_order":0,"_links":{"self":[{"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/posts\/100508","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/comments?post=100508"}],"version-history":[{"count":0,"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/posts\/100508\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/media?parent=100508"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/categories?post=100508"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sperrysoftware.com\/Email-Tools\/wp-json\/wp\/v2\/tags?post=100508"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}