In Jisc Cloud Solutions one of our most common recommendations for securing web applications is to ensure that you use a Web Application Firewall in order to block malicious attacks. Of course Web Application Firewalls are not silver bullets – they should be deployed alongside services such as IPS and traditional firewalls to ensure defence […]
Author: Rich Jackson
This blog has been written in collaboration with the Jisc Trust & Identity and Cyber Security teams. Jisc has recently become aware of a potential security risk associated with the default Azure Active Directory (AAD) security settings that are commonly in place across our membership. If your organisation uses AAD (or plans to use it), […]
Categories
Remote access and Zero Trust
Zero Trust is a concept which has been around for at least the last decade. Whilst organisations were aware of it and implementing aspects of a Zero Trust architecture, it was not until 2020, for obvious reasons, that pretty much every organisation was forced into thinking about its adoption; responding to a distributed and fragmented […]
Single sign-on (SSO) plays a key part in providing a secure authentication solution. However, the architecture and authentication flow of these solutions are paramount in ensuring that your identity broker retains its availability and integrity. IAM makes up a core component of the NCSC Cloud Security Principles. Therefore, when implemented it is important that the […]
Unsurprisingly, the world and its dog appear to be shifting large amounts of their collaboration activity (team chat, shared documents, meetings and telephony) into Microsoft Teams right now. Here are our top 10 tips for rolling-out Teams securely. This is particularly important given the large number of people now working from home. Whilst some of […]