A recent incident affecting a small number of entities in the UK federation has alerted us to some issues related to the distribution of default cryptographic keys. The following advice applies to both service providers (SP) and identity providers (IdP). The risk of using a default key is that someone may impersonate you. As […]
Category: Trust, Identity and Access Blogs
User tracking for digital marketing can violate user privacy on the web. Now that browser vendors are looking to implement methods to stop user tracking, we must ensure these methods do not clobber other frameworks which protect privacy such as Single SignOn through the UK federation, SAML and OpenID Connect. Problems and mitigations Digital […]
We all know how it goes. We face a challenge, we find a solution, we implement it, and if we’re lucky – it works! Before you know it – the successful solution is all but forgotten. Neglected. A distant memory in the chaos of the day-to-day; buried beneath a pile of new challenges that we’re […]
A domain name is a very important asset to an organisation. They help to establish a unique identity for your website and represent your brand, so keeping them secure is key. If the domain is not secured properly, it is at a higher risk of being hijacked. This is particularly important as domains are a […]
Phishing attacks are on the rise again, with some 83% of organisations experiencing a successful email-based phishing attack in 2021, up from 57% in 2020, according to Proofpoint’s 2022 State of the Phish report. What’s more, more than 65% of respondents also reported spear fishing and business email compromise (BEC) attacks, with 11% experiencing 10 […]
When the world doesn’t feel stable, make sure your website is with a Jisc SSL certificate! In this blog post, Emily Brown, Trust and Identity Co-ordinator, gives us her round up of the 10 most frequently asked questions from the certificates help desk. How to sign up? How does pricing work? How do I initiate […]
You might have overheard your IT team talking about certificates and wondered what they’re referring to. Have they completed a new course and are showing off to their team? Surely not, but then how can a website use a certificate? In this blog we explore what SSL certificates are, why you need them, and how […]
Bear with me while we have a little history lesson. As anyone who has ever used an Inertial Navigation System knows, you can only get to where you want to be, by knowing where you are coming from… Coming of age in the 80’s, I had a few certainties. Liverpool FC always won, C15 blank […]
One of the many impacts of the post-COVID 19 pandemic in the library space was the increase in demand for remote access to electronic resources. This, however, is not enough. For libraries to get better engagement and more resource usage from their patrons, there is also the need for a high-quality user experience, where resources […]
Providing seamless access to digital services is a critical part of the IT team’s role in higher education (HE) and further education (FE). When a lecturer struggles to access wifi on a remote campus, or a student can’t work out how to access digital course materials quickly, the result is a barrier to learning and […]