Information Security

10 October 2014 at 3:32pm

BYOD: Government Guidance

Andrew Cormack
BYOD
Information Security
I had been planning to write up a summary of my thoughts on Bring Your Own Device, but I'm pleased to discover that the UK Government has pretty much done it for me. Their draft guidance, just published for comment, suggests an approach along the following lines:
Read more
4 July 2014 at 3:21pm

BYO by Design

Andrew Cormack
BYOD
Information Security
The recent invention of the phrase "Bring Your Own Device" seems to have got educational organisations agonising about something we’ve been doing routinely, indeed relying on, for at least 15 years. Whenever you send a member of staff home with some work to do but no laptop to do it on, or provide a webmail service for students, or invite a visiting academic connect their device to your network, you’re inviting BYOD.
Read more
26 June 2014 at 11:51pm

Security and the Board

Andrew Cormack
Information Security
#firstcon14
Senior Management
Many of the talks at the FIRST conference consider activities within and between incident response teams, but two talks today considered how CSIRTs and boards can work better together. Pete O’Dell suggested that many company boards either delegate or ignore information security, perhaps considering that it is “just another risk”.
Read more
9 May 2014 at 11:03am

Interpreting incident statistics

Natalie Allred
Information Security
CSIRT
Just a reminder that the Janet Security Incident Classification Scheme is available here to help you with this.
Read more
2 April 2014 at 5:32pm

Information Security Updates at Networkshop

Andrew Cormack
Information Security
#nws42
A strong common (and unplanned, honest!) theme emerged from the information security session at Networkshop yesterday: that information security, or information risk, is ultimately the responsibility of individual users. Only they can decide which documents it is safe to read on a train, which phone calls they can make in a public place.
Read more

Janet ESISS: Identifying security risks within your network

Natalie Allred
24 March 2014 at 3:52pm
Cybersecurity
Information Security
Learn more about the Automated and Manual Penetration Testing offered by Janet ESISS, and how the service can benefit you. www.ja.net/janet-esiss
Read more

Janet ESISS: Are your information systems protected?

Natalie Allred
24 March 2014 at 11:54am
Cybersecurity
Information Security
Read about how Janet ESISS helped an FE college secure its systems and how we can help your organisation. www.ja.net/janet-esiss
Read more
6 March 2014 at 9:07am

BYOD: Doing it Better

Andrew Cormack
BYOD
Information Security
policies
I reckon the education sector accepted user-owned devices (now known as Bring Your Own Device) at least fifteen years ago, the moment we provided remote access and encouraged staff and students to work outside the office. My talk at the Janet/Jisc services day in London therefore looked at how we can do it better, suggesting a three step plan. Your comments and experiences on these ideas would be very welcome:
Read more
13 December 2013 at 11:22am

BYOD: Doing Security Together

Andrew Cormack
BYOD
Information Security
Presenting at the Jisc’s Safer Internet Day event got me thinking a bit more about the shared interests between owners and organisations in a BYOD scheme, and the opportunity that might present. For many years I’ve liked the idea of helping users be safe in their personal Internet lives (where motivation should be a matter of self-interest, rather than "having to comply with policy") and improving workplace safety as a side-effect.
Read more

Protecting Sensitive Information: Workshop Report

Andrew Cormack
Friday, April 19, 2013 - 09:55
Information Security
This report summarises the conclusions of a workshop organised by Janet CSIRT in March 2013 to discuss with invited participants how sensitive research and other information is protected in universities, and how existing best practice could be developed and expanded. We are very grateful to all those who contributed to the workshop and to this report.
Read more
Subscribe to Information Security