As you may already know, we have made some security-related enhancements to Bullhorn Connexys and will continue to do so in the next few releases. Last week we held a live webinar to answer questions about the changes and possible impact to your business. You can find the English recording here and Dutch recording here. During the webinar we discussed the following changes that may impact your organization:
- CRUD/FLS changes coming live with release 22 (March 2020). Where CRUD/FLS will be enforced on all pages, including custom ones.
- Encrypting data instead of redacting. Where objects and fields with sensitive data will be encrypted so they're no longer stored as plain text.
- Preventing cross-site scripting, where we will be whitelisting or locking functionalities that allow for custom code.
The extra materials that you may need to adapt to these changes:
- An article on newly encrypted values that should be considered if they're used in customizations outside the Connexys package + an explanation on how to decrypt the data
- An article on CRUD/FLS and how to prepare for it
- Article on the whitelist of allowed HTML tags
- The list of affected pages for the CRUD/FLS changes will be shared at a later date.
If you have any further questions on how your org might be affected, please reach out to Bullhorn Connexys support.