Striving to be a better version of yourself? The Shibboleth Identity Provider (IdP) has certainly achieved this, now at version 5, surpassing its predecessor, version 4, which will see the end of support from the Shibboleth project in September 2024. Which version are you currently using? Maintaining an up-to-date Shibboleth IdP is a crucial component […]
Tag: Cyber Security
Introduction Since the Research and Education (R&E) hackathon in February last year, the Federated Credential Management API (FedCM) API has moved to the point where its basic functionality has been included in Google Chrome and most Chromium-based web browsers such as Microsoft Edge. It’s become clearer that the main consumer of FedCM is Google themselves, specifically […]
Phishing attacks are on the rise again, with some 83% of organisations experiencing a successful email-based phishing attack in 2021, up from 57% in 2020, according to Proofpoint’s 2022 State of the Phish report. What’s more, more than 65% of respondents also reported spear fishing and business email compromise (BEC) attacks, with 11% experiencing 10 […]
You might have overheard your IT team talking about certificates and wondered what they’re referring to. Have they completed a new course and are showing off to their team? Surely not, but then how can a website use a certificate? In this blog we explore what SSL certificates are, why you need them, and how […]
A core aspect of Cyber Essentials is keeping your systems up to date. This is true both for operating systems and any installed apps or software, and these must always be kept updated. Applying these updates is one of the most important things you can do to improve security. It ensures that devices and software are not vulnerable to known […]
This year’s KuppingerCole European Identity and Cloud conference saw several talks about Zero Trust Models and Passwordless Authentication. No longer in cyber security is it enough to lock your front door and all of your windows, now the bad guys are ‘coming down the pipes’! To use X-Files parlance ‘Trust no one’ — not even […]
Welcome to this joint broadcast from Jisc‘s Trust and Identity and Security Services teams! What’s the score? In the new year, we will be changing the way you access the following services, making it easier for you to manage your existing subscriptions: Domain registry service (DRS) Primary nameserver service (PNS) We’re adding these services to the new […]
If your institution is considering the move to single sign-on (SSO) solutions, you might find colleagues asking; what does this mean? And what are the benefits? In short, an SSO authentication platform provides simple access control for authentication and authorisation for a whole organisation. In simple terms, this means users only need a single username […]
Online security has never been so important, and protecting corporate data from rising numbers of cyberattacks should be the top priority of every organisation – whether that’s universities, colleges, government or not-for-profit organisations. Keeping web and email services secure One way to boost your cyber security is through digital certificates. They help keep your web and […]