19/06/2019

The Iris Portal release was implemented as planned on the evening of the 19/06/2019 with new features for core NHSmail Portal functionality, O365 functions, and bug fixes.

New Core Functionality

• Locum copy changes on step 0 and step 1 – Changes to the GP Locum registration and email notification content.
• Enhance User Authentication – This PBI will move the authentication processing to reside within the server domain. This is to ensure security answers are not disclosed to the UI and can’t be enumerated. An additional security aspect to this PBI includes adding functionality to prevent admins from performing an authenticate reset function after 3 attempts have been performed regarding incorrect security questions. This will be applied for 1 hour which will then be removed after this time period.
• Add an MFA re-enrol action to the User Details page – New functionality to add an MFA re-enrolment option for O365 admins and global admins to re-enroll users. This functionality will reside on the User Details Action panel.
• Additional control specifically for global admin role – New functionality to add additional control specifically for the reset password action for a global admin user. Global admin user passwords can only be reset by user with global admin role only and not by any other role.
• Suspend user accounts from using self-service functionality, who try to gain access through enumeration of username and mobile phone – If someone tries to brute force to gain unauthorised access to the account, by using an email address and mobile phone number combinations, the account will be temporarily suspended. The maximum failed attempts allowed for self-service password reset is 10, after which the account will be suspended from using self-service password reset for 1hr until the user can use the services again.
• ODS XML Feed Integration – Development of a scheduled task required to feed the updated XML baseline (provided by ODS) into the NHSmail Portal. This will conclude the ODS work package and ensure the regularly updated ODS data is fed into the Portal.

New O365 Functionality

• Hybrid – Add the owner for Teams as part of the Teams Creation process – When creating or editing a team an O365 or Global admin will add members and Owners to the group, these are currently been added to the team through the Exchange Online PowerShell module. The requirement of this PBI is to refactor the create and edit operations of teams to add and remove users using the Teams Powershell module rather than using Exchange Online.

Bugs Fixed

• Hybrid Production: URL is incorrect in the configuration file leading to an error – Bug fix to update the configuration file URL to prevent errors with B2B approval requests.
• Teams list view sorting isn’t accurate – Bug fix to resolve an issue with no results being displayed at the point a user selects any of the Teams list view columns.
• MFA License for Prod licences are being mapped to organisations and departments when an organisation is updated – Fix to only map production MFA licences to updated organisations that have MFA set via the user policy.
• New support site doesn’t render the links referenced in welcome email to users –Fix to update all links within the welcome email to map to the correct location within the new support site.