Categories
Uncategorized

Defining the scope of your Cyber Essentials submission

  Defining the scope of your Cyber Essentials assessment will be difficult. Ideally it should to be done right at the beginning of the process and should apply to the whole organisation. Most likely though, it will develop as the answers to the section questions are collected and developed, and determining if mitigation is required […]

Categories
Uncategorized

Starting along the road to attaining Cyber Essentials accreditation

  Cyber Essentials (CE) is a base level security accreditation that demonstrates a security posture that is compliant the National Cyber Security Centre (NCSC) recommended guidelines for small to medium enterprises (SME). It allows funders, customers and staff to have confidence that organisational policy, processes, user practices and IT infrastructure provide a risk assessed and […]

Categories
Uncategorized

Cyber Essentials requirement for ESFA funding, the story so far.

  The Education and Skills Funding Agency (ESFA) had initially amended the contract for those who receive that funding to attain the ISO27001 Information Security Management certification. Jisc and the AoC made representations citing that the scale of work, redirection of resource and the very short time frame was an unrealistic expectation for the sector.  […]

Categories
Uncategorized

eduroam FE workshops and Microsoft NPS

Update (17/04/2018) We have now published an updated v0.5 of the eduroam (UK) Microsoft NPS Configuration Guide on the Jisc community site. Update (12/03/2018) An updated draft v0.3 of the eduroam(UK) Microsoft Network Policy Server guide is now available.   This covers configuring your own Standalone Certificate Authority, which is the preferred approach.   We will be moving to a final […]

Categories
Uncategorized

Being agile—not just for software developers

There’s a lot of buzz around agile methodologies these days. It’s certainly talked about a lot within Jisc, and a good number of projects here have adopted agile. Probably the most common agile methodology is scrum, but there are others which might suit your project better. Having recently completed agile fundamentals training but having been […]

Categories
Uncategorized

Transforming the business: A Jisc Information Strategy Blog by David Reeve

Over the last few months our small information strategy team has been starting to deliver on the transformational enterprise information strategy and its principles of; being safe with our information, being smarter with our information and using the right tools, policies and processes to deliver on the other two principles.  The team has been applying […]

Categories
Uncategorized

Is your organisation Wi-Fi a security incident waiting to happen?

Working for Jisc means that I’m increasingly on-the-road, which inevitably makes me a user of more and more Wi-Fi Hotspots; whether they be at the offices, campus or buildings of our Jisc members, at hotels, cafes, or on public transport. I continue to be surprised at the compromises that are being made to deliver Wi-Fi, either compromising security, […]

Categories
Uncategorized

Walled garden for on-boarding user devices to eduroam – Technical deployment guide

One of the key barriers in successful deployment of eduroam, is around ensuring that users are adequately supported. 802.1x/WPA2 Enterprise configuration on the majority of devices is a little more complex than PSK-based Wireless solutions, which users are familiar with at home. As a result there is a need for on-boarding tools to be made […]

Categories
Uncategorized

Looking back down the road

Re-posted from Brian Kelly’s Institutional Web Mangers Workshop (IWMW) blog—prepared on the occasion of IWMW’s 20th anniversary A brief look back down the road About this guest post I’ve known Brian Kelly for about 30 years. He is one of those guys with whom I feel instantly at home, with half a universe of common […]

Categories
Uncategorized

There is a new version of the international standard for records management (ISO 15489-1:2016)

Time to rejoice! A new version of the international standard for records management BS ISO15489-1:2016 has been released by the International Organization for Standardization and has been adopted as a British Standard a couple of months ago. A revision has been long awaited since the first version of this popular standard came out in 2001. […]