The last few months have been very hectic for Diri AS. Our primary focus has been on improving the quality of our software and ensuring a stable and dependable SaaS application. We are pleased to announce that we are now ready to migrate our production environment from Azure West Europe to Azure Eastern Norway data center and plan to do so before May. With the new data center, we can offer improved performance and reduced latency for our Norwegian customers, as their data will now be hosted closer to them. The migration will also ensure that our customers' data is stored within Norway's borders, which is crucial for compliance with Norwegian data protection regulations. Overall, this migration is a significant step in our efforts to provide the best possible service to our customers in Norway and beyond. This change will involve a migration to a new environment and thus bring involve several updates.
Important information
We have upgraded the security of our password database. As a result, all users who access Diri with a regular username and password (not Microsoft Sign-in) will need to reset their password using the new "forgot password" functionality after the migration. However, this does not apply to users who sign in using Microsoft Tenant.
Application improvements and updates
New development, test, and production environments
We have professionalized and formalized our software development process by implementing secure software development practices and moving our test, staging, and production environments to Microsoft Azure Eastern Norway. Our new release pipeline for all new environments and semi-automated code testing are part of this effort. Our Code of Contribution for the Diri software development project is available for forum members and outlines the process for submitting code changes, writing documentation, reporting issues, adhering to coding standards, and interacting with other contributors. For more information, please visit: https://hjelp.diri.no/portal/en/kb/articles/secure-software-development-practices https://hjelp.diri.no/portal/en/kb/articles/diri-code-of-contribution-overview
Code optimization
Our developers have continuously optimized the code of Diri to improve its performance, efficiency, and scalability. This effort will result in a faster application, reduced resource usage, improved maintainability, and compatibility with different hardware and software environments.
Language updates
We have updated the language files for some of the central workflows in Diri. The dynamic translation fields have been updated and refined to improve clarity and precision. In the wizards, risk assessments are now referred to as objects throughout the application to create more generic and consistent language.
New features
Improved Password Security
In recent months, we have implemented several improvements to enhance the security of our application. We have increased the password security levels by introducing best practice security requirements for new passwords. We have also upgraded the password database security to the state of the art, which will require a password reset for all users who do not use Microsoft to sign in. To reset your application password, you can now use the "forgot password" functionality on our login page.
New password reset feature
Improved copy and re-use functionality in the Risk Assessment
The "Existing" functionality has been a part of Diri for a long time, but it has been challenging to use. However, we have made significant improvements to this feature in the latest update. You can now copy multiple causes and consequences in the same window, copy associated risk treatments, and keep your filtered searches. Gaute demonstrates these changes quickly in this video:
Create a set of baseline risks for all assessments
The new feature allows you to add "standard risks" to risk assessment objects in the database. As a risk manager, you usually have a basic set of risks that you want to assess for each object. With the new functionality, you can select multiple risk assessments in the overview and copy risks to them quickly from a template. For instance, an admin who has several ICT systems to assess can delegate the risk assessment of a standard set of baseline risks to system owners. The baseline risks are created by marking an existing risk assessment as a template and copying them to each object using multiselect.
(This feature might be postponed for the next release.)
Minor changes and Bug fixes
In the "Risk
Assessment" menu - added a "Last edited" date stamp per
object (will only be visible for changes made after the major change)
In the “Users” menu – added
“Created” and “Last seen" date stamps per user
Activated Autosave in the
Risk Assessment Step 4 – Treatment plan and removed the "Save
changes" button.
Activated Autosave in the
Settings and removed the "Saved changes" buttons.
The Diri-helper – Added a way
back after selecting risk assessment type by clicking previous at the bottom of the page.
Updated the Risk Matrix in
the main dashboard and the risk assessment dashboard to show
"Planned" risk picture.
Risk assessment step 5 –
Complete and Confirm – Added a "Total cost" of the accepted
treatments for both "One time" and "Yearly costs"
Risk assessment step 5 –
Complete and Confirm – Added "Due date" to each treatment.
Fixed email issue where Diri
sent multiple copies of the same email.
Deleting a risk assessment now asks if you also want to delete treatments, while treatments connected to other risk assessments will not be deleted.