SBS Insight Identity Crime program

SBS Insight: Identity Crime

The SBS Insight program has prepared an episode devoted to Identity Crime. I attended the recording of the episode last night as a non-speaking audience member.

Some of the stories are absolutely harrowing.

They included examples of breaches involving schools. This is a don't miss episode for anybody interested in identity theft and resulting crimes - especially in the education community.

I am so glad that Studentnet is investing so much effort into our Identity Protection initiative for Australian schools.

Insight's Identity Crime episode is scheduled to broadcast on February 28.

Kevin Karp, Studentnet 

Welcome to 2023 - the year of Identity Protection

New Year, New Challenges

2023 - the year elevating the importance of protecting your school's identity and the identities of all of the members of your community be they staff, students and parents.

We'd like to take this opportunity of welcoming all of the new schools that are joining us for the first time in 2023 plus all of our existing outstanding school community. We can see all of the great work that you're doing bringing on board your new cohort of students, parents and teachers. 

We've got a busy year of major feature enhancements planned for Cloudwork to make your life easier and to make your community more secure. For now, it's been a pleasure and honour to work with you all during what is always a busy and stressful time.

Congratulations on another successful start to the academic year!

The Studentnet Team

www.studentnet.net

Studentnet Security & Privacy Credential

Security & Privacy

Commendations

• Australian Privacy Awards 2008 – Highly Commended, Microsoft Small Medium Business category

• Australia New Zealand Internet Awards(ANZIA) 2011, Finalist, Security and Privacy category

Industry Associations

• Cybersecurity Advisors Network(CyAN)

• Access 4 Learning - Schools Interoperability Framework(SIF)

• Office of Australian Information Commissioner(OAIC) - partner

• APNIC

• .au Domain Administration(.auDA) – Supply Member via CoClo

• OpenID Foundation sustaining member – via Parent company Coherent Cloud(CoClo)

• IDPro Advocate level member – via Parent company Coherent Cloud(CoClo)

• Ed-Fi Alliance member

• Internet Society - member

• Internet Society of Australia(ISOC-AU) – Bronze member via CoClo

• Association of Computing Machinery(ACM)

• Financial Services Institute of Australia(FINSIA)

• Managers of IT in Education(MITIE)

Standards

• Cert Australia Partner – registered with Australian Federal Government’s Defence department Australian Signals Directorate as part of Australia’s Critical Infrastructure

• Joint Cyber Security Centre(JCSC) – registered Sydney JCSC partner, an initiative of Cert Australia

• Australian Internet Security Initiative(AISI) – Studentnet was the first education related organisation to participate in and comply with AISI

• APNIC DASH - Dashboard for Autonomous System Health

• Payment Card Industry – Data Storage Standard(PCI-DSS) – Studentnet’s facilities have been audited to comply with the standard required for the storage of credit card and financial data even though we do not retain any such data

• Notifiable Data Breach(NDB) – scheme participant

Technology

Standards

• SAML 2

• oAuth 2

• Shibboleth

• OpenID Connect

Facilities

• GlobalSwitch data centre

• NTT connectivity

• Telstra Connectivity

• Indicium connectivity

• Pipe Networks - peering

oOo

Safer Technology for Schools(ST4S) accreditation for Cloudwork

 

Safer Technologies 4 Schools (ST4S) is a national service that assesses the safety of digital products and services used by Australian schools.

The ST4S badge helps school leaders and educators easily identify suppliers who have been assessed through the ST4S service. This gives schools peace of mind that simple, easy to understand privacy and security information is available for this supplier’s product, and it meets the minimum required standards for use in the badge program.

Studentnet is proud to advise that Cloudwork has successfully qualified to be part of the Safer Technologies 4 Schools (ST4S) Product Badge Program in 2021.

Undergoing assessment under the ST4S program is part of Studentet's security and safety commitment to the Australian education community.

Studentnet Cloudwork V43 Release Notes: AuthentID School Branded Authenticator

 V43 New Features

• AuthentID - A new multifactor option has been added. Find the CloudworkID Authenticator on the Apple and Google Play stores today. Available in generic and school branded versions.
  
• Improved file uploads - A new sync profile for for uploading files has been added. Over time, we'll be migrating email CSVs to use this new sync profile to provide more reliable and more powerful syncing 
• Password Complexity - New password complexity options have been added, allowing for more powerful and flexible password and passphrase rules. 
• MFA - The MFA onboarding workflow has been significantly improved, with better user hints and the ability to continue logging in after enabling SSO 

Bug fixes and improvements

• OpenID Connect support has been revamped to provide large performance improvements 
• New event types have been added for geoblocking related authentication failures 
• Resolved an issue that prevented Azure AD from authenticating SMTP requests correctly 
• Fixed an issue resulting in user sessions sometimes not lasting as long as expected 
• Fixed a bug that sometimes prevented Administrators from replacing the logo in the theme 
• Some changes have been made to improve performance of Adobe syncing. This is the first phase in a longer project to improve support for Adobe 
• New event types have been added for TASS syncing 
• Welcome messages have been updated to allow the SIS ID to be included as a template option 
• Resolved minor security issues

Studentnet’s Holiday Availability 2021/2022

 

The Cloudwork Support team would like to wish you all a fabulous Christmas plus a happy and safe New Year! We just wanted to let you know that all of our normal 24x7 monitoring systems and emergency response arrangements will be in place and operational over the entire holiday period. The following restrictions will apply over the festive season: An embargo will apply on all changes or requests for implementation of new feature between 10am December 24th  2021 and 10am January 10, 2021 All existing account provisioning implementations will continue on their agreed to schedules. No new account provisioning implementations will commence until after the commencement of Term 1, 2022. Between mid December and mid January key vendors do not allow any planned changes. This restricts our ability to complete new orders and to change services.  If you have plans during this period please contact us now for further details about how you may be affected, and please submit orders early to avoid delays. Between the 24th of December and the 10th of January, Studentnet will have skeleton NOC staff available. Non-urgent issues are best communicated via either: submitting a ticket via (https://support.studentnet.net), or sending an email to help@studentnet.net limited phone support will be available during business hours on +61 2 9281 1626 Of course our normal emergency support and operation services still apply. For urgent issues, the contact number for the NOC is +61 2 9281 3905. Once again please have a safe and joyous festive season. The Studentnet Team

Studentnet Advisory TLS 1.2 upgrade & Windows 11 support for TL 1.3

 Hello IT Admins,

We have 2 TLS related advisories for Microsoft Windows listed below.

1. Windows Network TLS 1.2 Upgrades affecting on-prem provisioning

As part of good security practice, many IT admins are upgrading their Windows networks to support TLS 1.2 and deprecating the use of TLS 1.0 and 1.1. This upgrade can affect the processing of Studentnet's Cloudwork Identity Node(CwIN) located on your school premises.

Studentnet started observing CwIN operating issues yesterday(20/10/21) morning. The symptoms are that Cloudwork's on premises provisioning of accounts from your management system to your AD appears to fail to complete.

Studentnet is issuing this advisory to inform you of the issue. There are a variety of solutions depending upon the upgrade status of your various Windows components.

We'd like to discuss the options with you prior to implementing the most appropriate solution for your school. If you experience any difficulty with completion of your account provisioning we request you to please log a ticket on our help portal(here: support.studentnet.net) or by sending an email to help@studentnet.net.

More information on the impact of upgrading to TLS 1.2 on a Windows network is available here:  

2. Windows 11 clients unable to login to Office

Microsoft are enforcing a very hard implementation of TLS 1.3 in Windows 11. At the moment our Cloudwork infra-structure needs an upgrade to support TLS 1.3 but that upgrade will be very disruptive as it involves an entire re-start of our technology stack - something one does not do lightly especially at one of the busiest times of the year for schools.

We have a temporary fix for the problem...

For the moment users on Windows 11 will need to disable TLS 1.3.

This option is under Internet Options -> Advanced

It seems that windows 11's implementation of TLS 1.3 prevents Windows 11 from correctly talking to Cloudwork, however forcing it to use TLS 1.2 works.

We're working on a solution to this issue, however it will represent a fairly large infrastructure update to Cloudwork, and is unlikely to be completed before the Christmas break.

Once we have upgraded our infrastructure to support TLS 1.3 we will send out an advisory at which point those users that have implemented the above fix will need to undo it.

Regards,

The Studentnet Team
PS: Remember to join our LinkedIn Group