Monday 6 May 2024

Social Media Sign On - Cloudwork v46 Release Notes

 

Cloudwork® v46 Release Notes



New Features


  • Social Media Sign Ons

    • Added the ability to enable and configure Social Authentication (Log in with Facebook, Microsoft, Google, Apple)

    • Automatic provisioning of accounts permitted to use Social Media Sign Ons

    • Increased security through independent account verification

      OU level granular configurability

  • Adobe syncing

    • Redesigned for greater efficiency and volume handling

    • Increased volume capacity by addressing Adobe API's Rate Limiting Issues, improving Cloudwork's Adobe Sync Processes

    • Able to Sync Cloudwork's Users, Groups and Group members into Adobe for creating, updating and deleting accounts.

    • Improved simplified IT administrator workflow with Cloudwork's Adobe Sync. The Admin no longer needs to manually implement licences to each user in the Adobe Admin Console. Once Cloudwork's Users, Groups and Group Members are synced into Adobe, the Admin will only need to implement a licence profile to a Group within the Adobe Admin Console

    • Automated linking of Adobe accounts into Cloudwork. Cloudwork's Adobe Sync will check for existing Adobe Users, and if the email matches, it will link the Adobe Account to Cloudwork.

    • Suspended Options for Cloudwork Users. The options are to either be removed from the Adobe Organization, removed from the Adobe Organization and delete the account permanently, or ignored.

  • Any changes or updates on a Cloudwork OU or Group regarding Name Changes or Deletions from Cloudwork will be correctly updated in Cloudwork's Adobe configuration. This fixes syncing issues for those OU or Groups that had been updated, which now correctly includes them in the Adobe sync process.

  • Log export to SIEM services

    • Initially support QRadar SIEM.

  • Currently integrated through SecureISS accessing Cloudwork APIs.

  • Forgot Username messages

  • New template options



Fixes and improvements


  • Added the "I trust this device" option to the Cloudwork Authenticator MFA method

  • Fixed an issue where Multifactor authentication and ADFS prompted too often

  • Fixed some bugs around authorization rules and MFA

  • Fixed an issue where the trust token for MFA was some times not stored correctly

  • Fixed some sync profiles losing custom attributes

  • Small updates to Azure syncing

  • Fixes to User search: Will now search alternate email addresses

  • Fixes to Groups UI: Groups with multiple group types no longer breaks the Groups UI

  • Other UI improvements: Spelling mistakes, grammar improvements

  • Started transitioning to Sendgrid's API instead of SMTP for sending email

Passwordless Sign On - Simple, Convenient Secure



Tuesday 22 August 2023

Cloudwork PlatformID - world first support for Apple's Platform SSO

 


Apple's Platform SSO:
An independent status update

 

In a significant first for local innovation, Cloudwork® is proud to advise the availability of Cloudwork PlatformID v1 supporting Apple Mac's Extensible SSO and Platform SSO v1.

 

Schools planning their 2024 device management need to know more about the status and relevance of this announcement.

Image source: Apple.com

Let's start with a quick re-cap:


Apple announced both Extensible SSO and Platform SSO v1 at their June, 2022 WWDC. The announcement stated:
  • Extensible SSO will allow seamless single sign-on for users, instead of separate sign-ons for device access, apps and websites.
  • Platform SSO allows school administrators to use identity provider (IdP) credentials to centrally manage passwords, permissions and group memberships.
  • To support these new features, Identity Providers needed to build an installable extension for the managed Mac devices.
  • At the time of announcement, very scant details or documentation were available to Identity Providers to build this new extension.
  • Cloudwork responded to these announcements by committing to providing support for both Extensible and Platform SSO.
In a significant first for local innovation, Cloudwork® is proud to advise the availability of Cloudwork PlatformID v1 supporting Apple Mac's Extensible SSO and Platform SSO v1.

Using Jamf Pro as the Mobile Device Manager (MDM) and Cloudwork as the Identity Provider we'd like to walk you through an end-to-end experience starting from a clean Mac moving on to password synchronisation and desktop and web sign-on integration. The walk through can be experienced via these four videos:
But the story does not end there.
 

At the June 2023 WWDC Apple announced the availability of Platform SSO v2, significantly enhancing its functional range and value:

  • Supports local accounts: Platform SSO is designed to be a modern replacement for binding to directory services.
  • Integrates into macOS: Platform SSO is integrated with macOS and doesn't use JavaScript or render webpages for authentication.
  • Creating users on demand: New local user accounts can be created on demand at the login window using IdP credentials.
  • Integrates IdP group membership with macOS: Mobile device management (MDM) configurable groups can be used to manage account permissions.
  • Enables the use of network accounts for Authorization: Groups can also be used to authorize network accounts.
  • Supports multiple authentication methods: Platform SSO supports many different authentication methods with an IdP.
Cloudwork® has committed to building support for v2 into Cloudwork's PlatformID feature.

Our target is to have v2 available this year for testing in Q4 2023, in time to support schools for the 2024 academic year.

There's a lot in this announcement.

Start your 2024 planning process now! Contact us to arrange a planning session to work through the best options for your school community.

Monday 6 February 2023

SBS Insight Identity Crime program

SBS Insight: Identity Crime

The SBS Insight program has prepared an episode devoted to Identity Crime. I attended the recording of the episode last night as a non-speaking audience member.

Some of the stories are absolutely harrowing.

They included examples of breaches involving schools. This is a don't miss episode for anybody interested in identity theft and resulting crimes - especially in the education community.

I am so glad that Studentnet is investing so much effort into our Identity Protection initiative for Australian schools.

Insight's Identity Crime episode is scheduled to broadcast on February 28.

Kevin Karp, Studentnet 

Thursday 26 January 2023

Welcome to 2023 - the year of Identity Protection

New Year, New Challenges

2023 - the year elevating the importance of protecting your school's identity and the identities of all of the members of your community be they staff, students and parents.


We'd like to take this opportunity of welcoming all of the new schools that are joining us for the first time in 2023 plus all of our existing outstanding school community. We can see all of the great work that you're doing bringing on board your new cohort of students, parents and teachers. 

We've got a busy year of major feature enhancements planned for Cloudwork to make your life easier and to make your community more secure. For now, it's been a pleasure and honour to work with you all during what is always a busy and stressful time.

Congratulations on another successful start to the academic year!

The Studentnet Team

www.studentnet.net




Sunday 25 September 2022

Studentnet Security & Privacy Credential

Security & Privacy

Commendations

  • Australian Privacy Awards 2008 – Highly Commended, Microsoft Small Medium Business category

  • Australia New Zealand Internet Awards(ANZIA) 2011, Finalist, Security and Privacy category

Industry Associations

Standards

  • Cert Australia Partner – registered with Australian Federal Government’s Defence department Australian Signals Directorate as part of Australia’s Critical Infrastructure

  • Joint Cyber Security Centre(JCSC) – registered Sydney JCSC partner, an initiative of Cert Australia

  • Australian Internet Security Initiative(AISI) – Studentnet was the first education related organisation to participate in and comply with AISI

  • APNIC DASH - Dashboard for Autonomous System Health

  • Payment Card Industry – Data Storage Standard(PCI-DSS) – Studentnet’s facilities have been audited to comply with the standard required for the storage of credit card and financial data even though we do not retain any such data

  • Notifiable Data Breach(NDB) – scheme participant

Technology

Standards

  • SAML 2

  • oAuth 2

  • Shibboleth

  • OpenID Connect

Facilities

  • GlobalSwitch data centre

  • NTT connectivity

  • Telstra Connectivity

  • Indicium connectivity

  • Pipe Networks - peering


oOo

Wednesday 14 September 2022

Safer Technology for Schools(ST4S) accreditation for Cloudwork

 

Safer Technologies 4 Schools (ST4S) is a national service that assesses the safety of digital products and services used by Australian schools.


The ST4S badge helps school leaders and educators easily identify
suppliers who have been assessed through the ST4S service. This gives schools peace of mind that simple, easy to understand privacy and security information is available for this supplier’s product, and it meets the minimum required standards for use in the badge program.

Studentnet is proud to advise that Cloudwork has successfully qualified to be part of the Safer Technologies 4 Schools (ST4S) Product Badge Program in 2021.

Undergoing assessment under the ST4S program is part of Studentet's security and safety commitment to the Australian education community.