Sunday, 25 September 2022

Studentnet Security & Privacy Credential

Security & Privacy

Commendations

  • Australian Privacy Awards 2008 – Highly Commended, Microsoft Small Medium Business category

  • Australia New Zealand Internet Awards(ANZIA) 2011, Finalist, Security and Privacy category

Industry Associations

Standards

  • Cert Australia Partner – registered with Australian Federal Government’s Defence department Australian Signals Directorate as part of Australia’s Critical Infrastructure

  • Joint Cyber Security Centre(JCSC) – registered Sydney JCSC partner, an initiative of Cert Australia

  • Australian Internet Security Initiative(AISI) – Studentnet was the first education related organisation to participate in and comply with AISI

  • APNIC DASH - Dashboard for Autonomous System Health

  • Payment Card Industry – Data Storage Standard(PCI-DSS) – Studentnet’s facilities have been audited to comply with the standard required for the storage of credit card and financial data even though we do not retain any such data

  • Notifiable Data Breach(NDB) – scheme participant

Technology

Standards

  • SAML 2

  • oAuth 2

  • Shibboleth

  • OpenID Connect

Facilities

  • GlobalSwitch data centre

  • NTT connectivity

  • Telstra Connectivity

  • Indicium connectivity

  • Pipe Networks - peering


oOo

Wednesday, 14 September 2022

Safer Technology for Schools(ST4S) accreditation for Cloudwork

 

Safer Technologies 4 Schools (ST4S) is a national service that assesses the safety of digital products and services used by Australian schools.


The ST4S badge helps school leaders and educators easily identify
suppliers who have been assessed through the ST4S service. This gives schools peace of mind that simple, easy to understand privacy and security information is available for this supplier’s product, and it meets the minimum required standards for use in the badge program.

Studentnet is proud to advise that Cloudwork has successfully qualified to be part of the Safer Technologies 4 Schools (ST4S) Product Badge Program in 2021.

Undergoing assessment under the ST4S program is part of Studentet's security and safety commitment to the Australian education community.

Sunday, 11 September 2022

Studentnet Cloudwork V43 Release Notes: AuthentID School Branded Authenticator

 V43 New Features

  • AuthentID - A new multifactor option has been added. Find the CloudworkID Authenticator on the Apple and Google Play stores today. Available in generic and school branded versions.
  • Improved file uploads - A new sync profile for for uploading files has been added. Over time, we'll be migrating email CSVs to use this new sync profile to provide more reliable and more powerful syncing 
  • Password Complexity - New password complexity options have been added, allowing for more powerful and flexible password and passphrase rules. 
  • MFA - The MFA onboarding workflow has been significantly improved, with better user hints and the ability to continue logging in after enabling SSO 

Bug fixes and improvements

  • OpenID Connect support has been revamped to provide large performance improvements 
  • New event types have been added for geoblocking related authentication failures 
  • Resolved an issue that prevented Azure AD from authenticating SMTP requests correctly 
  • Fixed an issue resulting in user sessions sometimes not lasting as long as expected 
  • Fixed a bug that sometimes prevented Administrators from replacing the logo in the theme 
  • Some changes have been made to improve performance of Adobe syncing. This is the first phase in a longer project to improve support for Adobe 
  • New event types have been added for TASS syncing 
  • Welcome messages have been updated to allow the SIS ID to be included as a template option 
  • Resolved minor security issues

Wednesday, 22 December 2021

Studentnet’s Holiday Availability 2021/2022

 

The Cloudwork Support team would like to wish you all a fabulous Christmas plus a happy and safe New Year!

We just wanted to let you know that all of our normal 24x7 monitoring systems and emergency response arrangements will be in place and operational over the entire holiday period.

The following restrictions will apply over the festive season:

  • An embargo will apply on all changes or requests for implementation of new feature between 10am December 24th  2021 and 10am January 10, 2021
  • All existing account provisioning implementations will continue on their agreed to schedules. No new account provisioning implementations will commence until after the commencement of Term 1, 2022.
Between mid December and mid January key vendors do not allow any planned changes. This restricts our ability to complete new orders and to change services.  If you have plans during this period please contact us now for further details about how you may be affected, and please submit orders early to avoid delays.

Between the 24th of December and the 10th of January, Studentnet will have skeleton NOC staff available. Non-urgent issues are best communicated via either:Of course our normal emergency support and operation services still apply. For urgent issues, the contact number for the NOC is +61 2 9281 3905.

Once again please have a safe and joyous festive season.

The Studentnet Team



Wednesday, 20 October 2021

Studentnet Advisory TLS 1.2 upgrade & Windows 11 support for TL 1.3

 Hello IT Admins,

We have 2 TLS related advisories for Microsoft Windows listed below.

1. Windows Network TLS 1.2 Upgrades affecting on-prem provisioning

As part of good security practice, many IT admins are upgrading their Windows networks to support TLS 1.2 and deprecating the use of TLS 1.0 and 1.1. This upgrade can affect the processing of Studentnet's Cloudwork Identity Node(CwIN) located on your school premises.

Studentnet started observing CwIN operating issues yesterday(20/10/21) morning. The symptoms are that Cloudwork's on premises provisioning of accounts from your management system to your AD appears to fail to complete.

Studentnet is issuing this advisory to inform you of the issue. There are a variety of solutions depending upon the upgrade status of your various Windows components.

We'd like to discuss the options with you prior to implementing the most appropriate solution for your school. If you experience any difficulty with completion of your account provisioning we request you to please log a ticket on our help portal(here: support.studentnet.net) or by sending an email to help@studentnet.net.

More information on the impact of upgrading to TLS 1.2 on a Windows network is available here:  

2. Windows 11 clients unable to login to Office

Microsoft are enforcing a very hard implementation of TLS 1.3 in Windows 11. At the moment our Cloudwork infra-structure needs an upgrade to support TLS 1.3 but that upgrade will be very disruptive as it involves an entire re-start of our technology stack - something one does not do lightly especially at one of the busiest times of the year for schools.

We have a temporary fix for the problem...

For the moment users on Windows 11 will need to disable TLS 1.3.

This option is under Internet Options -> Advanced

It seems that windows 11's implementation of TLS 1.3 prevents Windows 11 from correctly talking to Cloudwork, however forcing it to use TLS 1.2 works.

We're working on a solution to this issue, however it will represent a fairly large infrastructure update to Cloudwork, and is unlikely to be completed before the Christmas break.


Once we have upgraded our infrastructure to support TLS 1.3 we will send out an advisory at which point those users that have implemented the above fix will need to undo it.

Regards,

The Studentnet Team
PS: Remember to join our LinkedIn Group

Tuesday, 19 October 2021

Studentnet and Cloudwork - Support when you need it!

 

Studentnet excited to announce that we have updated our support structure. For anyone that has worked with us - you know our responses are swift and we work with you to solve any issues!

If you need to contact our support team we have 4 ways:
1) Click the HELP button on the bottom right of https://studentnet.net/  pages.
2) Email us on help@studentnet.net
3) Go to our help and knowledge base page
4) Tweet a Direct message to us - @studentnet Studentnet Team

 We also plan to have a WEBINAR in the next few weeks on our launch of Version 41 - so watch this space!
 
Also please make sure you join our LINKEDIN GROUP.
 










All the best,
Studentnet Team
 

Monday, 26 July 2021

Studentnet Cloudwork V40 Release Notes: Smart ID – API(TASS) & flexible Parent accounts

Studentnet is pleased to advise that our latest version 40 is now available for release and deployment at schools.

V40 is a major release implementing full support for the TASS IdM API plus further improvements to Adobe integration. V40 also introduces the concept of Smart ID that extends the concept of Single Sign On to provide smarter authentication flexibility – great for parents!

Our objective with this release was to continue our program of integrations with the systems and apps used in modern Australian schools. Look for further integration support for Azure AD to come in 2021.

Please find below the V40 release notes.

V40 New Features

  • TASS integration: The first version of TASS Sync Profiles is now available

  • Multi-email address flexibility: Email addresses have been reworked to allow users to have secondary email addresses

  • IP address blocking: A new feature has been added to the Authorization Rules allowing controlling service access based on IP address

  • Authorization Rules: More options have been added to control how Authorization Rules are applied

  • Dashboard: OpenID Connect IDP details can now be accessed in the dashboard

V40 Improvements

  • Adobe: A number of bug fixes have been implemented for Adobe Provisioning  

    Dashboard-Messaging: Updated bulk message workflow to enable marking users as "Welcome message sent" once the bulk welcome has been delivered

    Dashboard-MFA: A UI update now allows admins to to manually enter the Multifactor Secret on devices that can not scan QR Codes when implementing multifactor authenticator apps

    Authentication: OpenID Connect authentication now supports username hinting and forced authentication

    Password Policies: Improved Active Directory integration allowing Cloudwork to better support Fine Grained Password Policies in Active Directory


    Miscellaneous: Other minor bugfixes and improvements


    oOo