New Features in Accops Workspace macOS Client version 7.0.1.1088
MFA Only
This feature introduces a passwordless multi-factor authentication (MFA) method designed to enhance security and improve user experience. Instead of requiring users to enter a traditional password, the Login with MFA Only option allows users to log in by providing their username and verifying their identity through various MFA methods. These methods include SMS OTP, Email OTP, Push Notifications, or Mobile Tokens.
Supported Client platforms and Gateway compatibility
This new feature is supported in the client modes listed below and is compatible with the HySecure Gateway versions 5.4 SP6, 7.0, and above.
| Supported Client modes on macOS | HySecure 5.4 -SP2/5.4 SP5 | HySecure5.4 SP6 | HySecure 7.0 |
|---|---|---|---|
| Client Modes:Admin/Standard Users | No | Yes | Yes |
HySecure Gateway Configuration
Kindly reach out to the Accops support team for assistance with the Gateway Configuration.
Bookmark (Local Application)
In previous versions, only remote applications could be published through the HySecure Gateway. However, starting with this client release, applications that are local to the endpoint device can be published. This new capability is called the "Bookmark" feature.
HySecure Gateway Configuration
Please note that the configuration for this feature on the HySecure Gateway must be done from the backend only.
Kindly reach out to the Accops support team for assistance with the Gateway Configuration.
Supported Client platforms and Gateway compatibility
This feature is supported in the client modes listed below, as well as with HySecure Gateway version 5.4 SP6 and HySecure Gateway versions 7.0 and above.
| Supported Client modes on macOS | HySecure 5.4 -SP2/5.4 SP5 | HySecure 5.4 SP6 | HySecure 7.0 |
|---|---|---|---|
| Client Modes:Admin/Standard Users | No | Yes | Yes |
Important
IMPORTANT SECURITY NOTICE This feature allows command-line operations to be executed directly on the user's machine. Extreme caution is necessary when configuring commands, as improper use can cause significant harm to the device or network.
Safety Guidelines
-
Never configure destructive commands, such as rm, sudo, reboot, shutdown, dd, or mkfs. These can result in irreversible data loss or system damage.
-
Avoid commands that require user interaction, such as read, passwd, or interactive scripts, as they can cause the process to hang or fail.
-
Refrain from using system-altering commands, such as chmod, chown, or mount, unless you are certain they are safe and properly contained.
-
Do not permit execution of downloaded scripts, such as curl | sh, wget | bash, as these are common vectors for exploits.
-
Limit command usage to safe, user-level application launchers, such as open, xdg-open, google-chrome, firefox, libreoffice, etc.
-
Always validate and sanitize any user input that will be incorporated into command strings to prevent shell injection attacks.
-
Implement logging or auditing for any commands that users can define or modify via a UI or configuration file.
Misuse of command execution capabilities can create security vulnerabilities, lead to data loss, or compromise system integrity. Use this feature responsibly and ensure that you fully understand the associated risks.
Auto Login
Auto login in the Accops Workspace client refers to a feature that allows users to automatically log in upon client launch, without requiring manual entry of credentials each time.
When auto login is enabled, the client will attempt to log in automatically each time it starts, streamlining access for users and reducing the need for repetitive credential entry.
Administrators can configure this setting via the HySecure Gateway management console.
Supported Client platforms and Gateway compatibility
This feature is supported in the client modes listed below, as well as with HySecure Gateway version 5.4 SP6 and HySecure Gateway versions 7.0 and above.
| Supported Client modes on macOS | HySecure 5.4 -SP2/5.4 SP5 | HySecure 5.4 SP6 | HySecure 7.0 |
|---|---|---|---|
| Client Modes: ยท Admin/Standard Users | No | Yes | Yes |
HySecure Gateway Configuration
Kindly reach out to the Accops support team for assistance with the Gateway Configuration.
Important
-
When auto login is enabled on the Gateway, users must first log in with their credentials. Subsequent logins will then proceed automatically using the auto-login feature.
-
During the upgrade process of the Workspace client, auto login is disabled. After upgrading the client via the HySecure Gateway, users must log in once using their credentials; auto login will then resume for subsequent sessions.
-
For optimal performance of the auto login feature, ensure that MFA and Captcha are disabled, as these require manual input during login.
-
If auto login is disabled, users must exit and relaunch the client to fully stop the auto login process.
-
If a login attempt fails and auto login repeatedly fails, the client will halt auto login to allow the user to update their credentials.
-
If the last login was performed using SAML authentication, the auto login feature will be disabled.