Categories
Cyber security

Accessing ISO standards

Your institution may already have a subscription to British Standards Online (BSOL) which provides you with access to standards such as ISO 27001. If your institution does not have access, an agreement for access to BSOL is available through our License Subscriptions Manager.

Categories
Cyber security

Remote access and Zero Trust

For those of you who aren’t also following Jisc’s Cloud Blog, you may not have seen a post from Richard Jackson (Jisc’s Lead Cloud Security Specialist) on Remote access and Zero Trust. The post at https://cloud.jiscinvolve.org/wp/2021/06/16/973/ delves into how organisations should handle remote access securely and contains useful advice that can help mitigate against some […]

Categories
Cyber security

Top 10 tips for DNS Resilience

Andy Davis has been virtually touring the country recently providing advice and guidance to Heads of IT groups on DNS resilience, so I’ve asked him to share his top ten tips: (1) Keep your nameservers patched and running on supportable DNS platforms (OS and DNS application). (2) Review your Business Continuity Plans (BCP) – Do […]

Categories
Cyber security

Cyber security awareness month

Have you spent the last few months wondering: How can I create a strong password? What is smishing? How could ransomware impact me? What are the signs of a phishing email? Well this year GÉANT joins the European Cyber Security month, an initiative launched by ENISA, EC DG CONNECT and a variety of partners to […]

Categories
Cyber security

Certificate, protocol & cipher management

Online services and remote access platforms have become common place, with more and more sensitive information being made accessible via these tools, it is more important than ever to protect these services from interception, manipulation and impersonation; the primary control in this space is ensuring only services intended for public use are exposed to the […]

Categories
Cyber security

GEANT courses on client privacy and security

Later this month GEANT will be running a series of five webinars which are open to all of Jisc’s members. These are particularly relevant to systems and network administrators, but may be of general interest to a wider audience. Web browsers Security & Privacy – secure surfing with less traces: 21/09/2020 Email Security & Privacy […]

Categories
Cyber security

A morning in the life of a Cyber Essentials assessor

Grabbing my morning coffee, I log in to the Jisc Cyber Essentials Pervade portal and see I have 3 Cyber Essentials assessments to mark today https://www.jisc.ac.uk/cyber-essentials. That shouldn’t take me too long, if the applicants have been clear and detailed in their responses. I need to have a good understanding of their estate to award […]

Categories
Cyber security

Hitting DMARC! Phishing emails can easily spoof University and College domains: DMARC and NCSC Mail Check are here to help

Guest post by Tom S Academia lead – The Mail Check Team NCSC Active Cyber Defence Cyber security is improving in many areas, but the adoption of DMARC anti-spoofing is still too low. NCSC tools and tips gathered from around the community can help as this guest post from Tom S, Academia lead in NCSC’s Active […]

Categories
Cyber security

Ransomware in the Education Sector

Throughout 2020 we have seen different types of ransomware utilising various attack methods and operational techniques to infiltrate networks. The types seen include: RYUK, Ouroboros, Cryakl, rEvil, Mapo and Corona-lock. One common initial infection vector has been malware such as TrickBot (commonly seen within a triple threat vector alongside Emotet and RYUK). While infection via […]

Categories
Cyber security

Electronic Signatures

Electronic signatures, or e-signatures, are a means of signing documents in the same way that documents and agreements are signed using a written signature on hardcopy documents. Electronic signatures can come in any form that the parties to a contract agree on, but in general fall into three distinct categories. Simple e-signatures These are direct […]