Last updated: 
1 week 6 days ago
Blog Manager

One of Jisc’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks.

Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers.

NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed. Or you can just use my free GDPR project plan.

Blog Article

It's relatively common for incident response teams, in scanning the web for information about threats to their constituencies, to come across dumps of usernames and passwords. Even if the team can work out which service these refer to [*], it's seldom clear whether they are the result of current phishing campaigns, information left over from years ago, or even fake details published by intruders who want to inflate their claims.

Blog Article

Recently I had a thought-provoking discussion on Twitter (thanks to my guides) on the practice of setting your users phishing tests: sending them e-mails that tempt them to do unsafe things with their passwords, then providing feedback. I've always been deeply ambivalent about this. Identifying phishing messages is hard (see how you do on OpenDNS's quiz), and creating "teachable moments" may well be a good way to help us all learn.

Prev | Next