SaaS Apps

New Feature

Prevent malicious or accidental deletion of snapshots using Data Lock

You can enable the Data Lock feature to make users, SaaS Apps, and snapshots immutable till their retention period. Enabling the Data Lock feature prevents malicious modification, accidental deletion, or tampering with critical data by rogue administrators and anyone with compromised credentials.

Note: The Data Lock feature is available on both Enterprise and Elite editions.

The following SaaS Apps support this feature:

• M365
  • Exchange Online
  • OneDrive
  • SharePoint
  • Teams
  • Groups
  • Public Folder
• Google Workspace
  • Gmail
  • Google Drive
  • Shared Drive

       ►Here is a glimpse of the update for Exchange Online

       ►Here is a glimpse of the update for Groups

Customer action required: None.

For more information, see Data Lock.

Enhancement

Enhanced Microsoft 365 user import with Azure AD Mapping

User import with Azure AD is enhanced with the following capabilities:

• Deploy users using Azure AD Groups to leverage custom Azure AD mappings - You can now configure Azure AD Groups as a method to import users in inSync. With this enhancement, the user onboarding is simplified, wherein you can effectively import different categories of users per your business requirements and manage their backup configurations, such as profile and storage, efficiently.

        For more information, see About Azure AD Integration user deployment.

       ►Here is a glimpse of the update

• On-demand syncing of users deployed using Azure AD - With the newly introduced Sync Now option, you can sync users in Azure AD with users in inSync to ensure that at any point in time all the users to be protected are in inSync.  

        For more information, see  Sync users.

       ►Here is a glimpse of the update

• Enriched information and enhanced filters for viewing the Azure AD Mappings - The Azure AD Mapping Listing page is enhanced with the following capabilities:
  • Displays the last user sync time and date. You can now be sure of the point in time till when the users were synced.
  • The Filter Users by column displays the user import method that is used along with the mapping name. You can now quickly and precisely identify the method used for different mappings without opening the details.
  • You can now easily filter the mappings based on a method with the User Filter Method filter.

         For more information, see Users page.

       ►Here is a glimpse of the update

Customer action required: None.

Enriched information and enhanced filters for viewing the SCIM Mapping

The SCIM Mapping Listing page is enhanced with the following capabilities:

The Filter Users by column displays the user import method that is used along with the mapping name. You can now quickly and precisely identify the method used for different mappings without opening the details.
You can now easily filter the mappings based on a method with the User Filter Method filter.

Customer action required: None.

For more information, see Users page.

Seamless access to the SharePoint Online sites

The SharePoint Online listing page now loads 100 sites at a time based on selected sorting and filters. You must scroll to view the following 100 sites. This enhancement ensures faster and seamless access to the SharePoint Online sites on the listing page, especially when you have many sites.

Note: The delete, enable, and disable operations apply only to the sites loaded on the page.

Endpoints

New Feature

Prevent malicious or accidental deletion of snapshots using Data Lock

You can enable the Data Lock feature to ensure your snapshots for different users and devices are immutable till the set retention period. This feature prevents modification, accidental deletion, or tampering with critical data by rogue administrators or anyone with compromised credentials.

Note: The Data Lock feature is available on both  Enterprise and Elite editions.

    ►Here is a glimpse of the update

Customer action required: None.
For more information, see Data Lock.

Enhancement

Extend duration for Backup Inactivity Alert

You can now extend the duration of the Backup Inactivity Alert for a profile up to 1000 days. With this enhancement, inactive users will not receive backup inactivity alert notifications for the set duration.

    ►Here is a glimpse of the update

Deprecated

Deprecation of inSync Share

End Of Life (EOL) date for inSync Share is September 30, 2022. After this date, all services related to inSync Share will be unavailable. For more information, contact support.

Data Governance

Enhancement

Sensitive Data Governance: Support for Google Workspace MIME types for compliance violations

Important:  For existing customers, Druva has triggered re-scans of the latest backup, and findings should be visible for same once completed.

We have added support for additional  MIME types specific to Google Workspace. When a compliance scan occurs, file extensions (and their MIME types) from the supported list are scanned based on specific sensitive data pattern criteria, and violations are flagged and reported as compliance violations.

The following Google Workspace native files' MIME types are now supported by inSync to report compliance violations:

• application/vnd.google-apps.document
• application/vnd.google-apps.presentation
• application/vnd.google-apps.spreadsheet

For more information, see Files extensions (and their MIME types) scanned for compliance violations.

Customer action required: None

Cloud Platform

Enhancement

Self-service experience for updating SSO SAML certificates

As a part of SSO configuration, if you are using CSP (Druva) SSL certificate; such certificates have an expiry of a year. You can now easily update these certificates on your own without any intervention from Support.

You can update these certificates 30 days before expiry. You will receive an email notification and messages in the Druva Console to notify you about the certificate expiry. You need to download the certificate and update it in the IdP.

    ►Here is a glimpse of the update

For more information, see Update SSO SAML certificate.

Cyber Resilience

New Feature

Refreshed Data Loss Prevention (DLP) page

We have refreshed the Data Loss Prevention (DLP) page to provide an enhanced and intuitive user experience.

Here is a preview of the Data Loss Prevention (DLP) page.

Key highlights

• All the information on the DLP Summary card is now consolidated into a single card.

• Added a filter option. Moved the Profiles, Storage selection, and statuses (Traced, Normal, On Hold, and so on) as criteria under this filter to sort the listing.

 

Customer action required: None
For more information, see Data Loss Prevention Overview page.

Known Issues

 

Issue	Description
INS-41268	The conferencing details for the calendar meeting invites are not backed up and restored when you download an event.
INS-70351	Restoring Microsoft 365 Groups data for GCCH tenants fails with errors.

August 19, 2022

CloudCache Server v5.8 for GovCloud

A new CloudCache server is now available that is FIPS compliant.

Customer action: Upgrade to Cloud Cache Server v5.8 patch.

Revision

 

Product	Revision
CloudCache Server v5.8 patch	r110281

Download the latest CloudCache Server v5.8 here. 

For more details, contact Support.

SaaS Apps

New Feature

Support for Microsoft Groups Data Protection

You can now protect Groups metadata and Group sites.

How does this new feature benefit you:

Customer Action Required: Reconfigure the Microsoft 365 app to get the updated permissions.

Check out the video-based Quick Reference Guide and the detailed documentation to get started.  

►Here is a quick overview video

Introducing Microsoft 365 Basic app with limited permissions

Microsoft 365 Basic app is now available for protecting Exchange Online, OneDrive, SharePoint Online, Microsoft Teams, and Public Folders. This app does not seek the Directory.ReadWrite.All permission, helps administrators comply with organizational security and compliance policies and meet the organizational goal for data protection.

For more information, see Configure Druva inSync for Microsoft 365.
Customer action required: None.

Configure retention period for Teams metadata and conversation backups 

The data backup retention period for Teams metadata and conversation backups is now configurable. Moving forward, you can decide how to retain your backups with more flexibility and effectively manage your recovery point objectives. With this enhancement, you can meet your compliance requirements effectively by ensuring that only the required backups are retained while others expire.

Note: Your existing forever retention setting will be retained till you don't configure them. 

For more information, see Configure Teams for backup and restore. 

►Here is a glimpse of the update

Protect shared mailbox users in Preserved state 

You can now protect shared mailbox users in the preserved state regardless of the Shared Mailbox user's Azure AD sign-in status.

With this enhancement, you can protect the data of the preserved shared mailbox users in case of accidental deletions or ransomware attacks.

Customer Action required: None.

For more information, see backup a Shared Mailbox.

Endpoints

New Feature

Microsoft Edge is now Supported in System Settings Backup

You can now back up Microsoft Edge System Settings when you enable a Persona Backup.

For more information, see System Settings Backup.

Inactive status at device level

The inactive status is now associated with a device and is no longer applicable to the status of the last backup. 

We have added the following enhancements:

►Here is a glimpse of the update

inSync Client v7.1.0 for GovCloud

New Feature

Enhanced inSync Client interface experience

The UI enhancements are as follows:

Note: The option is not available for folders configured by an administrator.

►Here is a glimpse of the update

You now get a dynamic inSync menu bar icon that automatically adapts the background color and matches the theme when switched between the light mode and the dark mode.

Revision

 

Product	Revision details
inSync Client	Windows: r110285 macOS: r110285 Note: Druva has not released a new version of iinSync Client for Linux OS with inSync Client v7.1.0. You can continue using inSync Client v5.9.x for Linux with inSync GovCloud.

For more information, see inSync Cloud support and EOL policies. 

Download the latest inSync Client here. 

For upgrade instructions, see Upgrade inSync Client.

Data Governance

New Feature

Sensitive Data Governance: Change to Violation Preview text download

If the preview text for file violations is more than 64 KB in size, you have to download the file to view complete details.

For more information, see How do I download non-compliant files and violations list for offline review.

Customer action required: None

eDiscovery: Collect and preserve additional data sets of custodians

With Additional Data Collection (ADC) capability, you can define additional data sets for collection in a stealth mode.
In addition to the data configured for backup, you can configure specific folders for data collection from Mac and Windows devices without any assistance from IT admins. Only legal admins can access and download this data. This flexibility and confidentiality of collection ensure that you can act quickly in times of need and secure the required data.

For more information, see Additional Data Collection.

Customer action required: None

eDiscovery: A new version of eDiscovery Download Client for inSync Gov Cloud

You can now install and download the latest v 1.2.2 eDiscovery Download Client version for Windows and Mac OS from the Downloads page.

For more information, see Support Matrix for eDiscovery Download Client.

Cloud Platform

New Feature

Self-service experience to reset forgotten password

If you forget your password, you can now reset it independently without requiring another DCP administrator to do that for you. Simply, click on the Forgot Password link on the login screen and the one-time-use password reset link will be sent on your registered email ID. For more information, see Reset forgotten password.

►Here is a glimpse of the update

 

Fixed Issues

 

Issue	Description
INS-51044	The Restore Full Team option doesn't get triggered if the team has a private channel and a private channel site backed up. However, other restore options are working fine.
INS-51044	Fixed an issue wherein the Restore Full Team option doesn't get triggered if the team has a private channel and a private channel site backed up.
INS-19336	Exchange Online: Fixed an issue wherein the administrators, with only SSO login mechanism, are unable to download the Exchange Online data as a PST.
INS-62487	SharePoint Online: Fixed an issue wherein rendering the list of documents in Document Library containing more than 5k files takes longer than usual during a site restore. Now only 3k documents are listed in Document Library.
INS-47776	SharePoint Online: Fixed an issue wherein the administrator had to manually disable ‘Deny Add And Customize Pages’ to restore site pages for a site. Restore activities now automatically manage this setting to restore the site pages.
INS-23368 (UI Stats Requirement 1)	Fixed an issue wherein there was a mismatch in the Backup Summary statistics when you drill down from the Endpoints dashboard page to the Jobs->Last Backups page.
INS-65231	Fixed an issue wherein the backup status for devices on the User details page showed incorrect status as Backed up with errors when the backup is completed successfully.

Known Issues

 

Issue	Description
INS-41268	The conferencing details for the calendar meeting invites are not backed up and restored when you download an event.
INS-70351	Restoring Microsoft 365 Groups data for GCCH tenants fails with errors.

SaaS Apps

Enhancement

Microsoft 365, Google Workspace, and Slack: Prevent accidental deletion of users and workloads

You will now have to enter a reason for deleting a user or a workload. The reason for deletion is captured in the Admin Audit Trail.

Customer action required: None.

►Here is a glimpse of the update

 

Microsoft 365 and Google Workspace: Filter and sort user accounts or shared drives based on status

As an admin, if you have configured multiple user accounts or shared drives, finding an account or shared drive with a specific backup status or app status gets time-consuming. Druva now simplifies this process with the following updates on the listing page for Exchange Online, OneDrive, Gmail, Google Drive, and Shared Drives.

For more information, see Manage SaaS Apps.

Microsoft 365: Support for Azure Active Directory (AD) Conditional Access policies

Enhanced data access security using Azure AD Conditional Access policies is now supported!

If you have defined Azure AD Conditional Access policies for your Microsoft 365 tenant, you can now extend its security features to the Druva Microsoft 365 data protection services. This benefits your security posture by ensuring that the app authentication process follows the organizational policies by supporting the Conditional Access workflow. 

Customer action: If you are an existing customer, you must reconfigure your Microsoft 365 app.

►The following illustration explains the app configuration failure scenario when the Conditional Access policy is not satisfied.

For more information, see Support for Azure Active Directory (AD) Conditional Access policies.

Microsoft 365: Default exclusion of Teams Meeting Recordings from backups

OneDrive and SharePoint backups will exclude all files from the default folder path of Teams  Meeting Recordings (TMR) to ensure optimized backup speed to meet SLAs.

Note: This feature is applicable only for Microsoft Teams sites and OneDrive.

Customer action required:

►Here is a glimpse of the update

For more information, see Exclusion of Teams Meeting Recordings from backups.

Refined permissions during app configuration

Configuration of Druva Microsoft 365 apps will now use a refined set of permissions to ensure the following:

For more information, see Microsoft 365 Permissions for Druva App.

Customer action required: Existing customers can optionally reconfigure the Druva Microsoft 365 app to update to new refined permissions. No action is required from new customers.

SharePoint - Monitor backup progress in Live Activities

You can monitor the progress of full scan and incremental backups based on the count of backed-up items against the estimated items to back up.

For more information, see View Live Activities.

►Here is a glimpse of the update

Click the Status hyperlink on the Live Activities page

Exchange Online - Updated license allocation for users with shared and resource mailboxes

Updated license allocation for Exchange Online users with shared and resource mailboxes is now available, wherein:

Note: This updated license allocation is applicable for new users only. The user’s license consumption will be visible on the Dashboard in the subsequent releases.

For more information about adding users to your profile, see Associate and add users.
For more information about this feature, contact Support.

Endpoints

Enhancement

Enhanced user interface for the Storage listing and details page

The Storage listing and Storage details pages are refreshed to provide an intuitive experience for administrators. In the system tray menu, the access path label name for Storage List is changed to Storage.

Customer action required: None.

For more information, see  the following articles:

►Here is a glimpse of the update

View and download device replacement details in the Audit Trails

Use the User Audit Trail capability to view and download the device replacement details in .html and .csv formats for auditing purposes.

Customer action required: None.

For more information, see the following articles:

►Here is a glimpse of the update

Prevent accidental deletion of users and devices

You will now be prompted to provide a reason when you delete a user or a device. This capability will help prevent accidental deletions, and the reason will be captured in the Admin Audit Trail for auditing.

Customer action required: None.

For more information, see the following articles.

►Here is a glimpse of the update

Device mapping notification for users with data privacy enabled

When a device mapping is created for a user with the data privacy option enabled, we will notify the user and the administrator via email. This capability mitigates a potential threat when a rogue administrator attempts to gain unauthorized access to user data.

Note: To disable email notifications, contact Support.

Customer action required: None.

For more information, see create device map.

Enriched device mapping experience

The device mapping experience is enhanced, wherein you can now: 

Customer action required: None.

►Here is a glimpse of the update

Device mapping page

Import Device Map CSV

For more information, see

Activate a preserved user and enable a disabled device Actions via API

You can now use APIs to activate a preserved user and enable a disabled device.

Customer action required: None

For more information, see Activate a user and Enable a device​ ​API reference documentation on the developer portal.​​

View storage quota assigned and consumed in bytes via API

You can now use the following attributes added to the API response to display the storage quota assigned and consumed (in bytes).

Customer action required: You will need to update any response validations for APIs according to the new API response.

Updated Devices and Jobs page navigation

We have moved the Devices and Jobs page from the top navigation menu to the Endpoints left navigation menu.

►Here is a preview of the Devices and Jobs navigation

Refreshed Devices page

We have refreshed the Devices page to provide an enhanced and intuitive user experience.

►Here is a preview of the Devices page

The following UI enhancements are made on the Devices page:

For more information, see Devices.

Details tab

►Here is a preview of the Details tab

 

For more information, see Device Details.

Backups tab

The Backups tab lists all the snapshots of the selected device. For more information, see the Backups.    

►Here is a preview of the Backups tab

DLP tab

All the information on the DLP tab is now organized into 2 cards - Device Location and Details.

►Here is a preview of the DLP tab

 

Note: DLP tab is visible only for the Enterprise and above license editions.

Enhanced User provisioning report

The user provisioning report is now updated with 3 new columns - Endpoints Usage, Microsoft 365 Usage, and Google Workspace Usage to view the workload-wise storage consumption patterns of users. This information is required for internal auditing purposes.

►Here is a glimpse of the update

For more information, see user Provisioning Report.

Legal Hold

Enhancement

Create custom admin roles with a combination of both Legal and Non-Legal rights

Now Legal Admins can do much more than Legal Hold management!

►Here is a glimpse of the update

Additionally, Non-Legal admins can now access Legal Hold management

Note: Based on the rights you are adding to an existing role you need to manually provide access to workloads, profiles, or legal hold types to all administrators associated with this role. See Manage Rights for more information.

Introducing new Legal Hold Management rights for enhanced granular access

The following three new Legal Hold Management rights are added:

►Here is a glimpse

For more information about Legal Hold Management rights, see Legal admin role.

inSync Compliance is now Sensitive Data Governance

We have now renamed all instances of Compliance to Sensitive Data Governance in the inSync Management Console.

Cloud Platform

Enhancement

Extended expiration time for first Druva Cloud Administrator invite

The expiration time for the first Druva Cloud Administrator is updated from 72 hours to 7 days.
 

Fixed Issues

 

With this release the following issues were fixed.

Issue	Description
INS-13548	SharePoint Online: Fixed an issue wherein the restore status is displayed as Restore Successful on the administrator console for a failed restore task.
INS-43923	Exchange Online: Fixed an issue wherein the downloaded PST file does not contain any data when searching in the restore tab.
INS-46670	Fixed an issue with user mapping causing inconsistency in the import workflow.
INS-37425	Fixed an issue wherein auto-importing users fail during the sync process when added a new mapping using Azure AD.
INS-42828	SharePoint Online: On-prem sites were included during the auto-discovery process. This issue is now fixed to discover online sites only.
INS-42595	Exchange Online: Fixed an issue wherein the backup fails while listing in-place archive folders with the “m:SyncFolderItemsResponseMessage” error.
INS-22720	Exchange Online: Fixed an issue wherein the PST file fails to download for some folders due to an internal error.
INS-40144	Fixed the issue wherein the user search via email is not functioning correctly for user audit trails.
INS-13126	SharePoint Online: Fixed the issue with restore of SharePoint data wherein the extraction of the downloaded archive fails.
INS-38067	Exchange Online: Fixed an issue wherein the Contacts restore fails when the contact field name and email-id are empty.
INS-39826	Exchange Online: Fixed an issue for internal errors, by adding tracebacks to the existing functionality to avoid backup failures.
INS-38921	In the recurring series of Calendar events, the respective edited occurrence event is not getting backed up.
INS-43788	Exchange Online: Fixed an issue wherein the Last backup details page displayed incorrect backup status.
INS-17574	Fixed the issue wherein the recently activated devices were getting auto-deleted.
INS-40144	Fixed the issue wherein the user search via email is not functioning correctly for user audit trails.
DCP-4528	The Backup activity- Daily trend chart was showing the same color for canceled, failed, and queued status. This has been fixed and the chart now displays distinct, user-friendly, and separate colors.

 

Known Issues

 

Issue	Description
REAL-18169	Unable to search data for users who are not on Legal Hold from the Federated Search page if the administrator is created with a custom role (including both non-Legal Hold and Legal Hold rights).
DCP-5895	When an administrator creates a custom role with both non-Legal Hold and Legal Hold rights, assigns it to a new administrator, and selects/deselects the Legal Hold types in the Access Control section, the workload and profile is deselected. Workaround - After selecting/deselecting the Legal Hold Type, select the Workload and Profile again.

SaaS Apps

Enhancement

Microsoft 365

Public folder: Graceful handling of split mailboxes

Starting from this release, we bring you enhanced and automated Public folder management when mailboxes are split automatically in Microsoft.

If mailboxes are split for any of your existing Public folders, the Public folder workload selection page will display a duplicate folder in the disabled state with -old suffix in the name of the Public folder.

Customer Action: You must delete duplicate folders to manage your Public folders efficiently. 

For more information, see Manage Public folder.

►Here is a glimpse of the update

Support for Azure Active Directory (AD) Conditional Access policies

Enhanced data access security using Azure AD Conditional Access policies is now supported!

If you have defined Azure AD Conditional Access policies for your Microsoft 365 tenant, you can now extend its security features to the Druva Microsoft 365 data protection services. This benefits your security posture by ensuring that the app authentication process follows the organizational policies by supporting the Conditional Access workflow.

Customer action: Contact Support to sign up for the Conditional Access policy feature. If you are an existing customer, you must reconfigure your Microsoft 365 app after you have signed up for this feature by contacting Support.

►The following illustration explains the app configuration failure scenario when the Conditional Access policy is not satisfied.

For more information, see Support for Azure Active_Directory (AD) Conditional Access policies.

Audit Trails for Teams Downloads

You can now track the Team's downloads from the audit trails. 

On the Audit Trails page, you can view details of when an administrator downloads a teams' data.

►Here is a glimpse of the update

For more information, see Audit Trails.

Successfully restore Teams when Microsoft 365 group naming policy is enabled 

You can now successfully restore teams when you have Microsoft 365 group naming policy enabled.

The new restored team is created as per the new Microsoft 365 group naming policy in the following cases:  

►Here is a glimpse of the update

For more information, see Restore Teams.

Multi-Geo backup notifications with site geolocation and user PDL updates

Ensuring compliance with data localization now gets easier!

To help you meet your data localization needs, we have enhanced the Multi-Geo backup notification for your Microsoft 365 workloads. Effective this release, the following notifications are available to administrators:

►Here is a glimpse of the update

For more information, see:

Multi-Geo Support for SharePoint Online and Teams

Multi-Geo Support for Exchange Online and OneDrive users

Audit trails for Teams Conversations views

The audit trails for Teams are enhanced to track Conversations viewed by the administrator. 

On the Audit Trails page, you can view details of when an administrator viewed a single conversation or entire Teams' conversation.

►Here is a glimpse of the update

For more information, see Audit Trails.

SharePoint: Improvements to Live Activities

Now monitor SharePoint restore activities with the help of real-time restore statistics!

The SharePoint restore activity status from the Microsoft 365 Jobs -> Live Activities page now displays additional statistics to track the progress and health of ongoing restore activities.

How do these statistics help you?

►Here is a glimpse of the update

For more information, see Live Activities.

Filter Microsoft Teams as per the last backup status and Sub Apps

The Filter on the Teams page is enhanced to allow you to filter Microsoft Teams based on the combination of: 

How does this enhancement benefit: 

Administrators can use these filters to easily identify Teams where one or more Sub Apps have failed backup status.

►Here is a glimpse of the update

For more information, see SaaS Apps Details Page.

Support for Full Team Restore

The Full Team Restore option is now available. Using this option, you can restore the entire Team, channel contents, and settings along with the entire content and settings of the underlying Teams Site.  

For more information, see Full Teams Restore.

How does this enhancement benefit:

With a single click, administrators can recreate an entire Team and its underlying Team Site content. 

►Here is a glimpse of the update

Refined permissions during app configuration

Configuration of Druva Microsoft 365 apps will now use a refined set of permissions to ensure the following:

For more information, see Microsoft 365 Permissions for Druva App.

Customer action required: None.

Endpoints

Enhancement

Simplified active and preserve license rationale

We have simplified the consumption approach to active and preserved licenses for Endpoints, Microsoft 365, and Google Workspace workloads. This will enable you to import any or all users into Druva without consuming a license until an Endpoint is activated or Microsoft 365/Google Workspace has started the first backup for a user.

Customer action required: There is no customer action required. The changes will be implemented with the cloud update. For more information, contact Support.

Active License consumption rationale

How it works today: When a user is added or imported into Endpoints, Microsoft 365, and Google Workspace workload, an active license is consumed.

How it will work from January 29, 2022: Based on the updated active license rationale, an active workload license (Microsoft 365, Endpoints, or Google Workspace) will be consumed by a user only when the user’s first device is activated or when a backup is successfully initiated for an application.

 

►This section explains the active Endpoints license consumption logic with an example

For Endpoints:

• Active Endpoints license will be consumed when the user’s first device is activated.
• If the user has 2 devices, then only one Endpoints active license will be consumed when the first device is activated.

Note: When you exceed the active license threshold including the buffer allowed (5% of license allocated or 100 whichever is lower), you would need to contact Support to procure additional licenses to continue backing up additional users.  Failing to procure additional active Endpoints licenses would result in failure of device activation for additional Endpoints users.

Example: The following example illustrates how the active license will be consumed for Endpoints if a user, say “User 1”, has a laptop and a mobile device, then one Endpoints active license will be consumed when the first of the two devices (laptop or mobile) is activated. The activation of the second device of User 1 will not result in the consumption of another Endpoints active license.

The following table illustrates with an example how the active license will be consumed for Endpoints. 

Total users added	500
Total Endpoints active license allocated	300
Total users with at least one device activated	100
Total Endpoints active license consumed	100

►This section explains the active SaaS Apps (Microsoft 365 or Google Workspace license consumption logic with an example

For each SaaS Apps workload (Microsoft 365 or Google Workspace), an active license for the respective workload will be consumed when the first backup is successfully initiated for any application of that workload.

Note: When you exceed the active license threshold and the buffer allowed  (5% of license allocated or 100 whichever is lower), you need to contact Support to procure additional licenses to continue backing up the Microsoft 365 and Google Workspace additional users. Failing to procure additional active Endpoints licenses would result in failure of the first backup for additional Microsoft 365 & Google Workspace users.  

The following example illustrates how the active license will be consumed for Google Workspace and Microsoft 365

Example 1: If User1 has 2 Google Workspace applications - Gmail and Drive, and Gmail backup is successfully initiated first and Drive backup is successfully initiated later, then only one Google Workspace active license will be consumed when the Gmail backup is initiated. When the Drive backup is initiated, the Google Workspace active license will not be consumed again.

The following example shows how the active license is consumed for Google Workspace

Total users added	300
Total Google Workspace active license allocated	200
Total count of users for which at least one Google Workspace application backup is successfully initiated	100
Total Google Workspace active license consumed	100

Example 2: The following example shows how the active license is consumed for Microsoft 365

Total users added	300
Total Microsoft 365 active license allocated	200
Total count of users for which at least one Microsoft 365 application backup is successfully initiated	100
Total Microsoft 365 active license consumed	100

Preserved license consumption rationale

How it works today – When you mark the user as preserved, one preserve license is consumed.

How it will work from January 29, 2022 – When you mark the user as preserved, the preserve license of the respective workload will be consumed by a user based on the workload that is backed up.

►The following example illustrates how the preserve license will be consumed for Endpoints, Google Workspace, and Microsoft 365

Example 1: Let’s say User1 is backed up for Microsoft 365 workload and you have marked the User1 as preserved, then one Microsoft 365 preserve license will be consumed.

Example 2:  If you have marked the User1 as Preserved and User1 has backed up Endpoint device(s), then one Endpoint preserve license will be consumed and the Endpoint active license will be freed up.

Example 3: If you have marked the User1 as Preserved and User1 has backed up one Microsoft 365 application and Endpoint device(s), then one Microsoft 365 preserve license and one Endpoints preserved license will be consumed, and one Microsoft 365 active license and one Endpoints active license will be freed up.

Example 4: If you have marked User1 as Preserved and User1 has not backed up any Endpoint device, or Microsoft 365 or Google Workspace application, then User1 will be marked as Preserved but the preserve license will not be consumed for any workload.

Active and preserved licenses rationale for existing customers

For existing customers, starting January 29, 2022, active and preserved licenses will be calculated based on the following upgrade rationale: 

Active License

Preserved License 

►The following example illustrates how the allocated preserved license count is calculated for existing customers

Example 1: If you have both Endpoints and Microsoft 365 workloads, wherein the allocated user preserve license count is 500 (including free and purchased), then based on the updated preserve license rationale, the allocated preserve license of Endpoints will now be 500 and the allocated preserve license of Microsoft 365 will now be 500.

The actual preserve license consumption count for each workload would be updated based on the total count of preserved users for that workload.

Example 2: The following example illustrates how the allocated and consumed preserve license count would be calculated after the upgrade:

Preserve license details before upgrade:

The total preserve licenses allocated	500
The total number of preserved users	300
The total number of users with no devices preserved	50
The total number of users with Endpoints devices preserved	200
The total number of users with M365 devices preserved	250

Workload-based allocated and preserve license consumption count after upgrade:

The total number of M365 preserve licenses allocated	500
The total number of Endpoints preserve licenses allocated	500
The total number of M365 preserve licenses consumed	250
The total number of Endpoints preserve licenses consumed	200

User creation limit

Current user creation limit: The total number of users that can be added for Microsoft 365, Google Workspace, and Endpoints is directly related to the total number of licenses allocated.

Updated user creation limit: There is no cap on the number of users that can be added for Microsoft 365, Google Workspace, and Endpoints as it is not related to the number of licenses allocated.

►The following example illustrates the updated user creation logic

Total Endpoints license allocated	100
Total Microsoft 365 license allocated	100
Total users that can be added	No limit

Note: When a user is added for Endpoints, Microsoft 365, and Google Workspace, the license status will be unlicensed by default.

Reports

►In addition to a few minor enhancements to the existing reports, the following new reports are added to show licensing information.

• Endpoints License Usage Report

• Microsoft 365 License Usage Report

• Google Workspace License Usage Report.

Alerts

►The following new alerts are added to show licensing information.

• Endpoint Active License Limit Reached Threshold.
• Endpoints Active License Limit Reaching Threshold.
• Endpoints Preserved License Limit Reached Threshold.
• Microsoft 365 Active License Limit Reached Threshold.
• Microsoft 365 Active License Limit Reaching Threshold.
• Microsoft 365 Preserved License Limit Reached Threshold.
• Google Workspace Active License Limit Reached Threshold.
• Google Workspace Active License Limit Reaching Threshold.
• Google Workspace Preserved License Limit Reached Threshold.

For more information, see Alerts.

UI changes

►Here are a few highlights of the UI changes implemented with January 29, 2022, release.

Overview page

On the Overview page of Endpoints, Google Workspace, and Microsoft 365 workloads, a new card is added to show the count of total active and preserve license allocated as well as consumed.

Users page

On the Users page:

• A new User Summary card is added to show the total number of users added for Endpoints, Microsoft 365, and Google Workspace workloads.

• New Endpoints, Microsoft 365, and Google Workspace workloads cards are added to show the total number of active and preserve licenses consumed.

• New filters are added to filter the active licensed, preserve licensed, and unlicensed users from the list of all users for each workload.

• Remove License option is added to remove the license.

Note: Removing license will delete data sources, backed up data of the selected workload, and free up the active or preserved license.

Updates to Live Activities navigation

We have changed the navigation path of the Live Activities page to provide a workload-specific view of ongoing activities, wherein you are now redirected to the workload-specific Jobs->Live Activities page.

►Here is a glimpse of the update

For more information, see Live Activities.

Enhancement to Endpoints List all Devices API

We have enhanced the Endpoints  List all devices API by introducing an additional input parameter - deviceMarkedInactive that, when set to True, will list the devices that are marked as inactive. This new parameter will help you identify the devices that are marked as inactive from the list of all devices easily.

We have also modified the response to show deviceMarkedInactive attribute for each device.

Try it out today!

New URL for inSync Workloads and Services

With this update, inSync Workloads and Services will now launch with the new URL – insyncgov.druva.com to host the web traffic.

The New URL will provide additional security advantages and better performance.

Customer Action Required: Add insyncgov.druva.com to the allowed domains list in addition to the existing govcloud.druva.com domain.

Note: Both the old URL (govcloud.druva.com) and the new URL (insyncgov.druva.com) will be operational.

Data Governance

Enhancement

Legal Hold (eDiscovery): Zip format support for eDiscovery data download

We have simplified the data download handling for Legal administrators through the ZIP download format support.

With this enhancement, you can download and export the eDiscovery data in ZIP format. All the data within the ZIP file is forensically safe as data integrity checks are performed on the data by default.

For more information, see:

Federated Search: Optimized search query

We have now enhanced the Federated Search query to use AND as the default operator along with the exact keyword match when you perform a multi-keyword search.

This enhancement helps you fetch refined and high-quality results by restricting the display of unnecessary search results generated due to prefix matches and the use of OR operators.

►Here’s an example of File Search and Email Search

File Search

Email Search

For more information, see guidelines to search files and emails.

A new version of eDiscovery Download Client for inSync Gov Cloud

You can now install and download the latest v 1.2.1 eDiscovery Download Client version for Windows and Mac OS from the Downloads page.

For more information, see Support Matrix for eDiscovery Download Client.

Cloud Platform

Enhancement

Separate cards to show licensing-related information for each workload

On the Druva Cloud Platform->Account Details page, we have introduced the following cards for each workload to view licensing information of each workload separately.

Customer action required: There is no customer action required. The changes will be implemented with the cloud update. For more information, contact Support.

►Here is a glimpse of the update

• Endpoints
• Microsoft 365
• Google Workspace
• Salesforce
• Hybrid Workloads
• Ransomware recovery.
• Cloud DR.

For more information, see Account Details. 

The license consumption information for Endpoints, Microsoft 365, and Google Workspace will be displayed according to the updated license consumption rationale.  

Separate Storage summary card

We have added a separate Storage summary card to view storage information of Endpoints, Microsoft 365, and Google Workspace. For more information, see Account Details.

►Here is a glimpse of the update

Updated listing for Native Workloads

The Native workloads listing is now updated to display only the workloads that can be protected. Other feature-specific links will be accessible from the Native Workloads user interface. 

►Here is a glimpse of the update

Track all the active support cases from a single place

You can now easily track all your active support cases (associated with your customer ID) opened with Druva from the newly introduced Active Support Cases section on the Druva Cloud Platform Console. 

►Here is a glimpse of the update

For more information, see Introduction to Druva Cloud Platform Console.

View all the third-party integrations details from a single place 

You can now get information about all the third-party integrations Druva leverages in one place from the Integration section. 

Druva has partnered with various third-party applications to help simplify customers’ business operations. By plugging into Druva’s API-based integrations, you can tap into new sources of data, improve existing business processes and reuse existing resources to automate business policies. 

So now if you want to know about the third-party integrations Druva leverages, you know where to go. 

For more information, see Introduction to Druva Cloud Platform Console.

inSync Client

Deprecated

Deprecation of inSync Client v6.2.0

End Of Life (EOL) date for inSync Client v6.2.0 for Windows and macOS is February 01, 2022. After this date, you will not receive any security fixes or support for any issues on this version. All support services for the product will be unavailable.

Fixed Issues

With this release, the following issues were fixed.

Fixed Issues

 

Issue	Description
INS- 36577	Exchange Online: Fixed an issue wherein downloading attachments gave the ”The specified object was not found in the store” error.
INS-31405	Exchange Online: Fixed an issue with in-place restores for Contact with empty mobile phone number.
INS-37597	Exchange Online: Fixed an issue with calendar events, wherein the restore of some calendar events failed.
INS-32347	SharePoint Online: Fixed an issue wherein deleted files were not removed from skipped items causing backup errors.
INS-25663	SharePoint Online: Fixed an issue wherein the SharePoint sites were not disabled in inSync after the site URL update.
INS-24558	SharePoint: Fixed an issue wherein restoring files from a folder with special characters in the folder name fails with the ‘Permission Denied’ error.
INS-32392	Fixed the issue wherein Total Collected Data showed negative value for custodians on the Legal Hold page.
INS-18491	Gmail: Fixed an issue wherein a PST file download for a Contact does not display the file content.
INS-24552	Google Drive: Fixed an issue wherein the Google Drive data source selection page displays incorrect backup data size for users.
INS-25836	Google Drive: Fixed the issue with incorrect backup data statistics displayed on the Google Drive backup overview page.
INS-31770	Fixed an issue wherein, when you create a custom role, and if you don't select a role from the Import Rights from drop-down list, you are not allowed to create the role.
INS-25614	Fixed the issue wherein the stale alert for the decommissioned AD connector was visible on the Manage Alerts page.
INS-25569	Fixed the issue wherein the stale alert for the decommissioned cloud cache servers and AD connectors were visible on the Manage Alerts page.
INS-37969	Fixed an issue wherein a user was receiving the “Low user storage space available” alert even after setting the Endpoints storage quota to unlimited.
INS-39967	Fixed an issue with the filters on the Users page wherein the filters don’t apply if the search results exceed the default page size of 100 entries.
INS-37726	Fixed an issue wherein the Get link option from inSync Share context menu for inSync Windows clients was not working.
INS-32392	Fixed the issue wherein Total Collected Data showed negative value for custodians on the Legal Hold page.
INS-33303	Fixed an issue wherein if you navigate to the Administrator details page from the inSync Management Console->  ->Manage Administrators, an Unexpected Error message is displayed. This error is displayed only when the administrator (for example, Admin1) who created another administrator (for example Admin2), is deleted from the database.
INS-36006	Fixed the issue observed on Safari browser wherein the user list did not render on the Users page.
INS-31770	Fixed an issue wherein, when you create a custom role, and if you don't select a role from the Import Rights from the drop-down list, you are not allowed to create the role.
INS-37421	inSync Client: Restricted inSync processes to load .dll files only from system paths.

• On-demand syncing of users deployed using Azure AD - With the newly introduced Sync Now option, you can sync users in Azure AD with users in inSync to ensure that at any point in time all the users to be protected are in inSync. 
  For more information, see  Sync users.

         ►Here is a glimpse of the update

  

  • Enriched information and enhanced filters for viewing the Azure AD Mappings - The Azure AD Mapping Listing page is enhanced with the following capabilities:
    • Displays the last user sync time and date. You can now be sure of the point in time till when the users were synced.
    • The Filter Users by column displays the user import method that is used along with the mapping name. You can now quickly and precisely identify the method used for different mappings without opening the details.
    • You can now easily filter the mappings based on a method with the User Filter Method filter.

         ►Here is a glimpse of the update

  

  Enriched information and enhanced filters for viewing the SCIM Mapping

  The SCIM Mapping Listing page is enhanced with the following capabilities:

  • The Filter Users by column displays the user import method that is used along with the mapping name. You can now quickly and precisely identify the method used for different mappings without opening the details.
  • You can now easily filter the mappings based on a method with the User Filter Method filter.

  Customer action required: None

  For more information, see Users page.

  Prevent malicious or accidental deletion of snapshots using Data Lock

  You can enable the Data Lock feature to make users, SaaS Apps, and snapshots immutable till their retention period. Enabling the Data Lock feature prevents malicious modification, accidental deletion, or tampering with critical data by rogue administrators and anyone with compromised credentials.

  Important: The Data Lock feature is available on both Enterprise and Elite editions.

• • M365
    • Exchange Online
    • OneDrive
    • SharePoint
    • Teams
    • Groups
    • Public Folder
  • Google Workspace
    • Gmail
    • Google Drive
    • Shared Drive
  • application/vnd.google-apps.document
  • application/vnd.google-apps.presentation
  • application/vnd.google-apps.spreadsheet
  • All the information on the DLP Summary card is now consolidated into a single card.
  • Added a filter option. Moved the Profiles, Storage selection, and statuses (Traced, Normal, On Hold, and so on) as criteria under this filter to sort the listing.
  • Recover Groups data and avoid any business disruptions caused due to data loss in case of accidental deletion or ransomware attack.
  • Auto-configuration and retention settings that help in reduced time and efforts to protect Groups data.
  • One-time configuration to secure, manage, track, monitor, and get notified of compliance risks of Groups data in your organization.
  • A new icon  against inactive devices on the Devices and the Backup Jobs pages, to indicate the device connectivity state.
  • A new Device Connectivity filter on the Jobs and the Devices pages lists active and inactive devices.
  • Option to remove a folder from the Backup & restore Window
  • Redesigned branding and contact information
  • Filter user accounts or shared drives by Last backup Status and App status.
  • Sort user accounts or shared drives by Last Backup Status and Status Details.

  • If you want to back up TMR files, configure the site collection or auto-configuration settings for SharePoint or user profile settings for OneDrive. For more information, see Configure Site Collection, Auto-Configuration Settings, and OneDrive user profile settings.

  • The OneDrive & SharePoint sub-app now includes the Group.Read.All permission, which is required to exclude TMR files from SharePoint backups. Hence, if you have configured the OneDrive & SharePoint sub-app only, you must reconfigure the sub-app.

  • Access to your tenant is available with a minimal set of permissions

  • Druva does not require any non-essential higher-level permissions for data protection and does not involve any security risks

  • Your Microsoft 365 license will give 50% additional licenses for shared and resource mailboxes without any additional storage.
    For example, if you have 100 licenses with Microsoft 365, then you will get additional 50 licenses only for shared and resource mailboxes. If the storage quota was 5000 GB, then 5000 GB will be shared with 100 Microsoft 365 users and 50 shared and resource mailboxes. 

  • Adding a new user will consume the respective license from the user Microsoft 365 license or shared/resource mailboxes license.

  • Storage listing
  • Storage details
  • Device replacement for remote AD, non-AD, and SCIM users
  • Mass device replacement for AD, non-AD and SCIM users
  • Activate inSync Client manually

  • Delete Devices

  • Delete Users

  • Access the Device Mappings page from the left navigation pane.

  • View the following additional information:

    • Source from where the device mapping is created, for example, API, CSV.

    • Name of the administrator or the Client Credential who created the device mapping.

  • Access the Import Device Map CSV and Delete Mapping buttons from the upper left side of the Device Mappings page.

  • Quickly import device maps from the re-designed Import Device Map CSV dialog box.

  • View the device mapping actions in the Admin Audit Trail.

  • Create device map
  • Import device map
  • Delete device map

  • A new Summary card is added to view the total count of devices and the operating system-based count of devices.

  • The Restore Data button is provided to restore data to devices.

  • New filtering options are added to filter the list of devices based on the device status and device operating system.

  • In the list view, 100 devices are displayed by default. You can use the scroll bar to view the next set of devices in batches of 100.

  • New visual indicators are added to indicate:

    • the backup status and upgrade status of each device.

    • If the device belongs to a Legal Hold user.

    • If the device has system settings backup configured.

  • All the information on the Details page is now organized into 3 cards - Device Details, Backup Summary, and Backup and Retention Settings.

  • On the Details page, Last Connected field is added.

  • New visual indicators for Device OS Platform, Device Status, Client Version Upgrade Status, and Last Backup Status are added.

  • Device Location - If the device trace settings are enabled from the Profiles, the device can be traced on the World map as a dot. On the hover of the dot, the device name is displayed.

  • Details - In the Details card, you can now find the following information:

    • You can view the status of device trace, DLP, encryption, and auto-delete, as well as view the date and time when the device was last connected. 

    • Options to decommission a device, mark it as normal, and keep the device on hold from auto-deletion are provided.

  • You will have a provision to assign Non-Legal Hold Management rights (for example, Workload management rights) even to a Legal Admin role.

  • This will help Legal Hold administrators perform other activities like viewing users, devices page and stats, access download logs, check profile settings, additional reports, changing profile settings, etc. as well.

  • You will have a provision to assign the Legal Hold Management rights even to a Non-legal administrator role - Compliance Admin, Data Protection Officer, Help Desk Admin, Profile Admin, View Only Admin, Workload Admin, or any custom role.

  • This will help Non-legal administrators perform Legal Hold management activities as well.

  • View legal hold clients.

  • Manage legal hold clients.

  • Delete legal hold clients.

  • When you restore to a new team

  • When you restore a deleted team

  • The SharePoint Site Summary page notifies administrators if the site geo location is not mapped to storage.

  • The SharePoint Site Settings section from the SharePoint Site Summary page notifies administrators to update the storage after completing the storage mapping.

  • The User Details page helps administrators to identify changes to Preferred Data Location (PDL) and update the storage accordingly for Exchange Online and OneDrive users.

  • The administrators will receive timely email notifications when a site geo location or user PDL changes and requires storage mapping.

  • Get to know the size of restored data

  • Check the health of the ongoing activity using the API throttling statistics

  • Keep track of the number of restored and skipped files

  • Get to know the current restore path

  • Last Backup Status: Backed Up Successfully, Backup Failed, Backed Up with Errors, Never Backed Up

  • Sub App: Team Metadata, Team Site, Team Conversation
    Note: Sub App filter is enabled only after you select the Last Backup Status.

  • Access to your tenant is available with a minimal set of permissions.

  • Druva does not require any non-essential higher-level permissions for data protection and does not involve any security risks.

  • For Endpoints:

    • There is no limit to the number of users that can be imported. 

    • Users without devices can also be imported without impacting the license consumption

    • An active license is consumed only when a device is activated

    • When a user is preserved, the preserved user license is consumed from the pool of preserved user licenses allocated to Endpoints.

  • For Microsoft 365 and Google Workspace
    • There is no limit to the number of users that can be imported
    • License is consumed only when user data is backup has started
    • When a user is preserved, the preserved user license is consumed from the pool of preserved user licenses allocated to the respective application.

  • The license consumption information of each workload can be viewed in the newly added reports.

  • Independent management and consumption of active and preserved licenses of Endpoints, Microsoft 365, and Google Workspace workloads.

  • The rationale behind the active licenses allocated per workload will remain the same.  

  • The actual active license consumption count for each workload would be updated based on the total count of active users backed up for that workload.

  • The current allocated preserved user license count would be available at each licensed workload level as the allocated preserved license count.

  • Support matrix for eDiscovery Download Client

  • Initiate a download with eDiscovery download client