Support Center

1st Time Use

Last Updated: Mar 15, 2019 01:25PM PDT
This article describes configuration-specific tasks SSProtect executes after Login, almost always with your 1st Login after Registration or SignUp, and sometimes at other times as noted.

Introduction
The :Foundation Client is configured to start each time you login to Windows, and doesn't shutdown except when you specifically Exit from the notification tray's context menu. The software runs in the background, non-intrusively, waiting for actions to which it must respond. At that time, SSProtect will prompt you for Login credentials, unless you have already provided them and your Login Session is still active. Login Session Duration is configurable, and described in more detail in the article, Administering Your Account.

After Login, a number of pre-configuration actions are executed. These are mostly associated with 1st-Time Use of active components. For this reason, some tasks present at later times after new features have been activated. Other tasks are associated with ongoing use of a particular feature, such as that associated with :Respond Remediation. See below for details.

Release Notes
The first Login after Installation results in presentation of a short graphic Tutorial on use before Release Notes are displayed together with the 1st-Time Use tasks in the Startup Wizard. This 
popup dialog shows task names on the left together with a description on the bottom. The top contains the query for you to address, as shown below:



Preconfiguration tasks are presented at various times. Some will be skipped on 1st-Time Use, depending on your Account configuration and effective Policies. Some tasks require you to address preconfiguration before continuing, while others permit you to bypass configuration and move to the next item or continue with regular software use.

If you choose Cancel, all remaining preconfiguration tasks are considered before the software continues executing within the context of your Account. If a required task is to be presented after the one for which you choose to Cancel, the software will terminate your Session and return to the Login Prompt, at which point you can choose to proceed with another Profile, or Login again to address the required action.


Out of Band Startup Actions
Some tasks are executed each time you start the software, and are not integrated into the Startup dialog shown above. These are as follows.

Out of Band - TRACE Logging
The
:Foundation Client provides different host Debug Log verbosity settings for SSProtect subsystems. These settings are managed from the notification icon's context menu selection, :Assess Reports, which for some Accounts includes a TRACE capability.

TRACE logging provides potentially sensitive information, and is also only available when enabled by DefiniSec Support. TRACE logging sends a large amount of information to local host Debug Logs, which can and will affect performance. For these reasons, on startup, the software checks to see if any subsystem is configured for TRACE Logging, and if so, provides you with notice so that you can make an adjustment. This prompt inhibits execution of the software, which resumes once you choose how you would like to proceed. More details regarding Debug Logging can be found in the article, Accessing Host Debug Logs.

Out of Band - Checking for Updates
After Login, and before the Startup sequence, the :Foundation Client checks for Updates to install. If a new version of the software is available, you will be prompted to apply the Update. Privileged Organization Account holders can bypass this operation, though Organization Account holders can only do so once before it is required for further use of the software. This procedure is described in the article, Updating SSProtect.

Note that no additional Startup behavior executes until after an Update completes. If however you are allowed to dismiss and bypass an Update, at that time these preconfiguration tasks will be presented (if/ when necessary).

Startup Tasks
The remaining preconfiguration tasks are managed using the Startup popup dialog shown above, listed below in order of potential appearance.

Startup Tasks - Default Working Folder

Your Default Working Folder - also referred to as your Overflow Folder - is the default location for Reports, Restored items that don't have a local path to match the last known location of the file, and also potentially the default location for exported keys (if you skip this step, Export Keys will use a global default, as will other operations - see below).

If you Remote Deploy your Profile, the original Host's Working Folder may not exist. On Startup, the software will recognize this mismatch and attempt to create the configured path. With success, operation continues without interruption. However, if the configured folder cannot be created, you will be prompted as shown at the top of this article.

From this interface, you can configure a new folder or bypass the operation altogether. This allows you to defer creation until you have a better idea of what's required. Revisit configuration by navigating to the Managed Files dialog as explained in the article, Managing Host Data.


Startup Tasks - Honeypot Password
With each successful Login, the software checks to see if Honeypots have been recently enabled and, if so, checks to see if you have set a Honeypot Password. If not, you are prompted to do so, at which point you may proceed or decline (by selecting No) and set the password using the Account Configuration dialog, as described in the article, Deploying Honeypots.

Password Reset clears the Honeypot Password, which triggers this preconfiguration task after Login. For more information, refer to the article, Managing Your Account.


First Login - Export Keys
Key Export allows you to store Account and/ or Organization keys in a password-protected file, which should be stored offline (recommended: removable storage). Exported keys are used with :xRecovery and for Password Reset operation if you forget your Login Password. When using an Individual Account, you cannot regain access without Exported Keys.

IMPORTANT: If you lose your Password and need to Reset, and you are operating as either an Individual Account, or you are the only Privileged Account in an Organization, you must have access to exported keys (and the associated password) or you will permanently lose access to your Account.

Due to the significance of this operation, Individual Account holders cannot bypass this operation and continue using the software - selecting No in this case terminates your Session and returns to the Login prompt. Organization Accounts, on the other hand, are prompted only with Privileged User Login - i.e. the Administrator and/ or Delegates.

As an Organization Account holder, you will not lose access to your Account even if you lose your Password and don't have access to your exported keys - so long as you have provisioned one additional Account (even non-Privileged). Details are beyond the scope of this article, though you can work with Support to carry out required recovery tasks.

As with Honeypot Password prompts, you will only be effectively prompted once for this action - i.e. once you choose to proceed, the requirement to address the matter is assumed fulfilled, and as a result a failure to succeed in Export - or Canceling the Export dialog - has no impact on the reality that you chose to attempt Key Export.

Finally, you will be prompted more than once when you transition Account roles - for example, after migrating from an Individual Account to an Organization, and if/ when you are promoted to an Organization Delegate. This is due to the fact that you will then have Organization Keys within your (protected) scope, and as a result, the potential to contribute to Password Reset (and other rare recovery) operations.

More information is available in the article, Administering Client Resources.

Startup Tasks - SSProtect :Email
When your Account is configured for SSProtect :Email, you will be prompted to install the Microsoft Outlook Add-In that manages protected message content. Updates are also managed in this fashion, under certain circumstances (though somewhat rare). If you don't install the Add-In, you won't be able to access protected messages. For more information, refer to the article, Getting Start with :Email.

Startup Tasks - :Recover Restore
You can Remote Deploy a Profile, i.e. provision your Account to execute on another host computer. When you do so, Startup logic checks your set of Managed Files to see if they exist on the target. When the software determines that a significant amount of your working material is not present, Startup will ask if you wish to securely Restore content from the cloud. If you choose to proceed, the software will carry out the cataloging and Restoration of items to match the Paths and scope of your last Login on a previous Host computer.

This is helpful when replacing a laptop, for example, and resuming normal business operation with as little impact as possible. For more information, refer to the article, Remote Profile Deployment.

Startup Tasks - :Respond Remediation
:Respond detects modified (sabotaged/ Ransomware'd) content, and when also using :Recover, provides for automatic Remediation of this content, restoring the latest known properly secured version for ongoing use. If you suspect your protected content has been modified - or if for some reason managed content is corrupted, you can ask your Administrator or an Organization Delegate to initiate a :Respond Remediation. In some cases, your leadership team will automatically execute this task to check on managed file integrity. In either case, you will be presented with the prompt notifying you of the request, and if you bypass this request, you will not be able to continue using the software - your Session will be terminated and you will be returned to the Login prompt.

For more information, see the Introduction article in the :Respond Topic.

For More Information
Most of these procedures are far less complicated than this article may indicate - understanding when and how these actions get triggered requires much more insight than that required to work with the resulting requests. Refer to related articles for more information, or email our Support Team at support@definisec.com with specific questions.

 

This article was updated w/ v9.1.0 of the :Foundation Client
 

Contact Us

ed5301d112e75fde24d469c55568f50b@definisec.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete