Alerts and updates

Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.

  • The new Connect Certificates availability and deployment schedule for 2022 has been published.

    Please see the DocuSign Trust Center page at https://www.docusign.com/trust/compliance/public-certificates under the “Connect Certificates” section for further details on the new certificate availability, "Offer" and "Force" schedule dates.

  • The DocuSign CLM and CLM.CM January 22.1 Product Release will be deployed to the UAT environment on Thursday, December 9, 2021 between 8:00 PM and 11:00 PM, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Announcements for this upcoming release can be found on the DocuSign Support Center. Please continue to check the Support Center for enhancements and fixes that will be posted before UAT deployment.

    Please contact Technical Support if you have any questions.

    The DocuSign CLM Trust Site (trust.springcm.com) is being retired. Upon retirement, the DocuSign Trust Center will be the sole source for posted trust, security and privacy updates, alerts and system status.

  • [UPDATED: November 15, 2021 09:23 PST] The DocuSign CLM Technology Team has been forced to postpone the scheduled maintenance until a later date due to unforeseen circumstances with the ongoing incident on NA21 and NA11 (see status.docusign.com).  The old subnet (69.79.142.0/24) will remain active until a new maintenance window can be scheduled.  We apologize for any inconvenience.

    Please contact DocuSign CLM Technical Support with any questions.

     

    [POSTED: November 4, 2021 13:19 PST] On Friday, Nov 12th, 2021 at 10pm CDT the DocuSign CLM Technology Team will be changing all customer facing IP addresses for the NA21 PRODUCTION environment.

    As part of this change we will be migrating the NA21 Production environment over to DocuSign’s core backbone for internet access on November 12th between 10pm and midnight. During this period there will be a brief window of inaccessibility to NA21 Production lasting for about 3-5mins.

    The change involves updating all customer-facing IP addresses for Production from 69.79.142.0/24 to 209.112.107.0/25.

    Customers on these instances who are currently allowlisting 69.79.142.0/24 are advised that they will need to work with their IT teams to update their IP allowlisting settings to allow the new range (209.112.107.0/25) or they may encounter issues accessing their environments on the respective dates.

    The DocuSign CLM Trust Site (trust.springcm.com) is being retired. Upon retirement, the DocuSign Trust Center will be the sole source for posted trust, security and privacy updates, alerts and system status.

  • Please see the DocuSign Trust Center page at https://www.docusign.com/trust/compliance/public-certificates under the “Site Certificates” section to download and for further details on the new NA4 certificate availability and application dates.

    The new NA4 certificate will be enforced on Wednesday, November 17, 2021, 3PM. After this time, the new certificate will be the sole certificate for the NA4 Site SSL endpoints.

  • The DocuSign CLM and CLM.CM November 21.8 Product Release will be deployed to the EU11, EU21 Production environments on Friday, November 5, 2021 between 1:30 PM and 5:30 PM, U.S Central Time, and to the NA11, NA21, US11, US12 Production environments between 9:00 PM and Midnight, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

    The DocuSign CLM Trust Site (trust.springcm.com) is being retired. Upon retirement, the DocuSign Trust Site will be the sole source for posted trust, security and privacy updates, alerts and system status.

     

  • DocuSign is deprecating support for outbound TLS 1.0 on 31st October 2021. Although DocuSign has not supported TLS 1.0 in our products since 2018, we did allow opportunistic TLS which means if a recipient's email server did not accept a higher version of TLS, they could receive emails via TLS 1.0. This will end on October 31st.

    Additional information can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

  • DocuSign has updated the subprocessor lists for our products and services: https://www.docusign.com/trust/privacy/subprocessors-list.     

    Please contact privacy@docusign.com for any questions regarding this subprocessor information.
  • The CLM Operations team will be performing essential system maintenance on all CLM Data Centers starting Friday, October 8th and ending Saturday, October 9th 2021. During this time, there may be some periods where the CLM application is degraded.  We apologize for the short notice for this announcement and any impact this may have on your accounts.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and see below for the timing by environment:

    EU11 EU21 PRODUCTION ENVIRONMENTS

    Between 18:30 UTC (1:30 pm CDT) and 22:30 UTC (5:30 pm CDT) on Friday October 8th 2021.

    UAT ENVIRONMENTS

    Between 00:30 UTC (7:30 pm CDT) and 03:30 UTC (10:30 pm CDT) on Friday October 8th 2021-Sat October 9th 2021.

    NA11 NA21 PRODUCTION ENVIRONMENTS

    Between 18:00 UTC (1:00 pm CDT) and 0:00 UTC (7:00 pm CDT) on Sat October 9th 2021.

    US11 US12 PRODUCTION ENVIRONMENTS

    Between 18:00 UTC (1:00 pm CDT) and 0:00 UTC (7:00 pm CDT) on Sat October 9th 2021.


     
  • The DocuSign CLM and CLM.CM November 21.8 Product Release will be deployed to the UAT environment on Thursday, October 21, 2021 between 8:00 PM and 11:00 PM, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Announcements for this upcoming release can be found on the DocuSign Support Center. Please continue to check the Support Center for enhancements and fixes that will be posted before UAT deployment.

    Please contact Technical Support if you have any questions.
  • The DocuSign CLM Technology Team will be conducting scheduled maintenance beginning Saturday, October 9th at 22:00 - 23:00 CDT (03:00 - 04:00 GMT, Oct 10).

    During this time customers on the NA11 instance may experience moments of brief inaccessibility to their account.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.
  • The availability and deployment schedule for the new NA4 Site SSL Certificate has now been released.

    Please see the DocuSign Trust Center page at https://www.docusign.com/trust/compliance/public-certificates under the “Site Certificates ” section for further details on the new certificate availability and application dates.

  • DocuSign has observed a new phishing campaign in which malicious URLs are being hidden in legitimate DocuSign envelopes.

    The emails are being sent from a variety of senders and associated email addresses, many with the domains email[.]com or co[.]za. The emails reported have many closely related subject lines, including:

    • “Important: AOL Email Deactivation Notice,”
    • “Important: Microsoft Email Maintenance Request” 
    • “Bank Confirmation”
    • "INVOICE.pdf"
    • "PAYMENTS.pdf"
    • "STATEMENTS.pdf"
    • "PAYMENT DUE.pdf"
    • "TAX INVOICE.pdf"

    Do not click on any email or attachment links from unknown or untrusted senders. All customers are reminded that they should continue their own due diligence and identify and report to DocuSign suspicious emails using legitimate DocuSign accounts and technology (securityaccountabuse@docusign.com), as well as suspicious emails spoofing the DocuSign brand (spam@docusign.com). Customers should also continue to utilize their own organization’s security tools to investigate potentially malicious documents, links and notifications.

    For more information on how to spot phishing, please see our Combating Phishing and Protecting Your Organization Against DocuSign Brand Impersonation white papers.

Pages