Security 🔒

I was invited to present on my previous blog post at the WATSSA technology in education conference in Perth

Through implementing these policies, educational institutions can significantly enhance their security posture, protecting sensitive data and resources while maintaining usability for staff, students, and guests.

Introducing a new Microsoft identity solution which holds the answer to a longstanding need for a parent and guardian identity provider in schools.

CISA’s Bob Lord coined the term ‘hacklore’ for ‘cybersecurity folklore’, the stories we tell ourselves and others about the nature of technological risks and ways to avoid them that are grounded in fear rather than fact, rumour rather than evidence, antiquity rather than the present day. I see this everywhere, even in high-end corporate ‘cyber awareness’ programmes. Beware of charging your phone from a public USB socket, beware of accepting browser cookies, beware of updating devices on untrusted networks and so on....

It’s been an incredibly long time coming but at last I have a working proof of concept for an end-to-end entirely cloud-based enterprise wireless network.

Modern security and wifi standards say we have to move to certificates but that’s a tall order for many, particularly if we need to replicate the user-level identification of a humble password.

A lack of mobile support for FIDO2 auth and Passkeys from Microsoft is hampering widespread adoption but some limited use cases can bring immediate benefit to securing high-risk activities.

I’ve been tacking in the direction of cybersecurity in recent years and specifically within the Microsoft 365 suite. I took the Security Administrator track on my Enterprise Admin certification and didn’t find that too difficult as it was grounded in my day-to-day. This one was pushing the boat out as it’s more Azure-based and honestly I wasn’t expecting to pass first time, but it fairly soaked up these dull days between Christmas and New Year!...

Schools can hardly be the only organisations with legacy applications in regular use for vital ’line-of-business’ functions. Hopefully for the most part these are visible to IT, securely contained and have an end-of-life date with a succession plan rather than being adopted through choice into a modern desktop environment. A while ago I encountered a nasty and unavoidable case of the latter and had to figure out a solution. The application I was tasked to deploy was for processing sensitive financial data on our most heavily-secured devices and relied on Internet Explorer and Java....

By most estimates, Chromium browsers have a 70-80% market share and are deployed in academic and enterprise environments across the globe. Policy-based management is vital to ensure a uniform user experience and enforce security controls, yet on Windows bypassing some aspects of this as a restricted, non-admin user is trivial. This is concerning because schools may rely on these settings for duty of care and student protection. Enter Extensions In recent posts I’ve outlined why Internet security is important for schools and how network-based monitoring and filtering solutions are no longer sufficiently comprehensive to be viable in isolation....