News Feeds

Please note that UKTP.net is not responsible for the content of any external news feeds displayed on this site.

Share this page on facebook
One Day IT Courses

One Day Computer Courses at your company premises. InIT Learning provides all the equipment you just provide a room. Prices start from as low as £80.00 per delegate.

One Day Computer Courses

Home Jisc News JISC News
Jisc news


  • Universities launch cyber attacks against each other to test defences

    Twenty UK universities have signed up to take part in a cyber attacking exercise that aims to expose weak spots in their systems which could be exploited by illegal hackers.

    The competition, called Exercise Mercury, aims, for the first time, to benchmark security posture in higher education and to share the resulting information for the benefit of the whole sector.

    Universities are paired off and each spends a week “attacking” the other using an internal team of staff and students to uncover vulnerabilities in processes, policies, procedures, technology infrastructure and the digital footprint.

    Teams typically spend two days checking out what’s most important to the opposition (sensitive research, for example) and the remainder of the week working out how to cause the most damage. Using open source intelligence and social engineering techniques, the “hackers” perform a controlled simulation of an attack with clear legal boundaries. The winning team is the one that would have made the most negative impact.

    Exercise Mercury, which is free for all participants, was launched at the Jisc cyber security conference in November 2018 by keynote speaker, Kieren Lovell, a communications and cyber security expert. Kieren has a military background, but was, until summer 2018, working for the University of Cambridge, and has since moved to Tallinn University of Technology in Estonia.

    Once all 20 universities have been tested, which will take about six months, the data will be collated and information on common vulnerabilities shared throughout the UK higher education sector by Jisc, which is supporting the competition. Jisc provides cyber security protection for members' connections to the Janet Network, and helps universities to protect their own cyber space.

    Kieren Lovell said:

    “Although this is a fun exercise, the professional pride at stake adds a competitive element and means the teams are very motivated to get results. What we learn will help universities to protect themselves from hostile cyber actors, who are a growing problem for all organisations. It will also give university security staff invaluable experience in ethical hacking.”

    Jisc’s director of security, Steve Kennett, added:

    “Through our relationships with security agencies such as the National Cyber Security Centre, Jisc is doing all it can to collate and share intelligence on cyber attacks for its members and this excellent competition will provide even more valuable information. We hope it will give us a better idea of the actual security landscape in higher education.”

    And Professor Rain Ottis, head of the centre for digital forensics and cyber security at Tallinn University of Technology, Estonia, said:

    “This truly is a win-win situation. The only losers from this exercise will be wannabe attackers, as it will reduce exposure to vulnerabilities. It will also allow us to understand what the problems are within our industry, as well as providing international connections to better share proper threat data.”

    To find out more, and to sign up to take part, visit exercisemercury.eu.



  • Jisc helps the higher education sector save almost half a million, thanks to affordable digital archive collections

    The digital archival collections group purchasing pilot by Jisc is now a fully-fledged scheme thanks to the success of two pilots that saved participating universities a total of £458,000.

    Under the scheme, Jisc Collections works in collaboration with nine publishers to make digital archive collections more affordable for HE organisations.

    Libraries can choose from 110 primary source digital archival collections across the nine publishers: BrillBritish Online ArchivesDe GruyterEBSCOIrish Newspaper ArchivesProQuestPublic Information OnlineTaylor & Francis and Wiley.

    Jisc’s approach to the scheme is community-centred and based on the principle that the more products purchased, the lower the price for those participating. Members of the scheme collectively help each other drive down the cost by leveraging the power of group purchasing.

    Karen Colbron, digital content manager at Jisc, said:

    “The success of group purchasing lies with the collective buying power of our members driving the discounts they all benefit from based on the total number of purchases per publisher.

    "Following the successful pilot phase, we’re pleased to offer this acquisition model as an on-going annual service to our members, significantly increasing the number of publishers, products and subject areas covered.”

    Neil Davies, content acquisition manager at Durham University Library said:

    "The transparency of information received, along with the discounts achieved, enabled us to make decisions about digital archival collections with certainty about the price, ensuring we got the best value."

    Eleanor Craig, content delivery and access librarian at the University of Sussex and group purchasing pilot participant, said:

    “Knowing that Jisc Collections would be working to get the best deal possible for the academic community meant we could just sit back and select the ones we were most interested in.”

    The group purchasing scheme will run for four years and is open to all HE institutions as defined in the Jisc banding model



  • Jisc presents to MPs on education’s role in Industry 4.0

    Ageing PCs and a failure to get the basics right are hampering the education sector’s ability to prepare students for the fourth industrial revolution, Jisc’s futurist Martin Hamilton tells MPs.

    Digital capabilities and infrastructure in schools, colleges and universities must be improved to prepare people for the fourth industrial revolution, a committee of backbench MPs heard this week.

    Martin Hamilton was invited to appear as a witness at the education select committee’s meeting about the fourth industrial revolution – dubbed Industry 4.0. He told MPs that the UK faces a “dual challenge” as the UK approaches this technological revolution.

    “How do we prepare our learners for these near-future careers and near-future industries?”, he asked. “Also, how do we reinvent what it means to be a college and what it means to be a university?”

    Martin answered questions on evidence Jisc had submitted in advance to the committee about how the education sector could meet the challenges posed by the revolution in emerging technology such as artificial intelligence (AI).

    Education 4.0

    Jisc’s response to these  innovations, which Jisc calls Education 4.0,  envisages a UK education sector that is transformed by a digital-first strategy that embraces technologies, including AI and augmented reality, which will play a critical role in future jobs.

    Martin was keen to emphasise the importance of basic skills, telling MPs that the failure of one third of key stage two students  to meet the expected standards of numeracy and literacy was “an enormous problem” in relation to their preparation  for  tomorrow’s workplace. 

    He said: “How can those people go on to successful careers in an increasingly digitised world if we can’t get numeracy and literacy right?”

    Martin added that, despite the success of the Department for Culture Media and Sport’s Local Full Fibre Network (LFFN) programme in improving connectivity to poorly-served schools, many still don’t have the hardware to take advantage of these super-fast connections.

    Eight-year-old PCs

    “BESA, the British Educational Suppliers Association, does an annual survey which showed that two thirds of secondaries and two fifths of primaries claim to have ‘inadequate infrastructure'. I hear about eight-year-old PCs, I even heard on social media from a college which is using 10-year-old PCs. So there’s a lot that we could do even just with a one-off capital injection to say let’s get everyone on a level playing field.”

    The committee also heard Martin and other witnesses, including Nottingham Trent University’s Professor David Brown, Priya Lakhani of CENTURY Tech and Vinous Ali of Tech UK, describe the difficulties of introducing new technologies to teaching staff, who need time and support to develop digital skills for teaching.

    Martin suggested that teachers needed a deeper understanding of emerging technologies and cited the Welsh government’s digital competency framework for learners and its efforts to embed digital skills into the curriculum for teacher training, while Scotland was also improving digital teaching and learning throught its Digital Learning and Teaching Strategy. “It pains me to say this, but there is perhaps an ‘English gap’ and we can learn in England from the devolved institutions,” said Martin.

    Informal conversations

    Martin added that peer learning, particularly in the form of informal conversations, was helpful for training purposes and welcomed the emergence of Edtech Impact, a Trip Advisor-style platform to research and assess new technologies for education.

    Asked by committee chair Robert Halfon MP to respond to comments by Professor Sir Anthony Seldon at a previous committee meeting, witnesses also discussed the slow take-up of AI and machine learning in schools.

    But Martin insisted that there is more AI already in use “than people currently realise”, citing Jisc’s learning analytics service, which red-flags disengaged students at risk of dropping out and, therefore, helps educators make timely interventions.

    Martin also pointed out that the Welsh government, which recognises the importance of this technology, has funded the service for all learners at Welsh universities. “The example of Learning Analytics Cymru is that we can do quite a lot if we act in a concerted way and there are, maybe, parallels that can be drawn elsewhere in the UK.”

    More information



  • HESA and Jisc integration

    The Higher Education Statistics Agency (HESA) and Jisc are in discussion regarding the intention to integrate the two organisations more closely, to advance the aim of making the UK the global leader in data- and digitally-enabled higher education.

    Combined, the two organisations believe that their complementary strengths can provide better services to the sector, help to manage subscriptions and enhance the impact of higher education in the UK.

    Conversations are at an early stage and the detail needs to be worked through. This includes consulting with key stakeholders, assessing what it means in reality for each organisation and, above all, ensuring the status of HESA as the designated data body is protected.

    HESA and Jisc have a long-standing and successful relationship, having developed services such as Heidi Plus to deliver business intelligence for HE providers, public sector and charities.

    This collaboration builds on the recommendations of the 2017 Bell Review for sector agency consolidation and increased value for money. The two organisations are now seeing how, together, they can bring a stronger offer to their members through complementary capabilities and expertise in the collection, analysis, and use of data.

    HESA chief executive, Paul Clark, said:

    “I believe that UK HE has the potential to enhance its global position through the effective use of digital and data-driven enhancements. Building on our existing work with Jisc, this closer integration will be the first step in realising these ambitions.”

    Jisc chief executive, Paul Feldman, said:

    “Jisc’s vision is for a digitally advanced lifelong learning nation, transformed by technology. The availability and use of data is critical to realising this, so integration with HESA offers greater potential to create and innovate together as well as deliver an even stronger offer and better value for our members. Among potential benefits could be new data insights and sector performance diagnostics.”



  • Rev up your startup

    Enter our 2019 edtech startups competition and get your fledgling business on track

    Every young business can benefit from help and guidance at the start.

    If your business is launching a product that will improve education, research, or both, our 2019 edtech startups competition gives you the opportunity to win support and funding from industry experts. 

    You have until 17:00 on Monday 21 January to make your pitch to us. 

    We’re offering five businesses mentorships worth up to £10,000 from ourselves, Emerge Education and other industry experts. There's also the possibility of up to £5,000 funding and additional focused support worth £5,000. 

    Gaining inside knowledge

    Creative Commons attribution information
    Lotis Bautista and Melissa Mitchell, VOLO

    Lotis Bautista and Melissa Mitchell entered our startups challenge in January 2018, looking for support to grow their career volunteering platform, VOLO

    They were attracted by the competition’s clear focus on the edtech sector and progressed through the two-stage selection process successfully. 

    Lotis said:  

    “The programme made us think carefully about what were doing and whether we could do it better. As a result, we’ve transformed many of our processes and learned more effective ways to deliver value to our university partners. 

    "This inside knowledge has been the single biggest benefit for us. Although we felt well-grounded before, now we really know who to speak to and how and we have the confidence of having succeeded in a competition run by an organisation that’s highly regarded in the sector.” 

    Scaling up a fledgling business

    Dr James Gupta and Omair Vaiyani were also among the 2018 edtech startup winners.

    While at medical school three years ago they developed a quiz-based app to help students with revision. Following success in our student ideas competition (the predecessor to the edtech challenge) the team focused on optimising the content for mobile. Now, one in four UK medical students rely on the app to help them revise.  

    James and Omair are now working on the business full-time and they’ve expanded to offer bite-size training for businesses and their employees. Businesses use their personalised training platform, Synap, to create customised, bite-sized online training that staff can access on any device, at any time that suits them. 

    James and Omair then took part in the edtech startups competition for support to scale up their fledgling business. James said: 

    “We took part in a series of themed workshops with six other startups which were at roughly the same development stage, exploring a range of business topics and this was really valuable.

    "It was essentially a virtual accelerator and it has helped us to scale up and plan the next stage of our development. It’s given us a solid grounding in business processes and introduced us to some key contacts who can help us as we grow. 

    “We also got some grant funding from Jisc and we’ve spent it on research and development. One thing we’ve done is to build an analytics system so that universities have insight into how students are using the revision quizzes and can tailor their support as necessary.” 

    The edtech startups competition is the second element of our edtech launchpad programme, which also includes the edtech challenge for students with product ideas. Other previous startup winners have included the student finance platform Blackbullion and Placer, an app for finding work experience opportunities.

    This is a competition that’s about providing effective, strategic business support, as Jisc’s head of change, Sue Attewell, explains: 

    “Our winners receive targeted mentoring and support from Jisc and Emerge Education so they can improve their businesses and get their products out into universities and colleges, where they will improve education and research. 

    "The programme offers access to a number of specialist experts and the businesses have to commit their time and effort to get the most from the programme, but Lotis, James and the other winners have demonstrated that it’s worth it. The competition is also quick and easy to enter.” 

    Get involved

    To take part, simply go to our edtech startups competition and submit a concise summary telling us what problem your product solves and who benefits.

    Include information on your business model, your team and a description of the product. You can also provide a short video pitch if you like. 

    Shortlisted entrants will be invited to a speed pitch process at our showcase event, Digifest 2019, in March. 

    Further information



  • Where will your good ideas take you?

    Inspire us with your ideas for a next-generation virtual learning environment in our first edtech challenge of 2019. 

    We’re looking for great ideas – and great people – to work with us on solutions for some of the big upcoming edtech challenges.

    So we’re running three themed competitions in 2019 to help us find them. 

    Our first challenge

    For the first edtech challenge we’re looking for ideas about developing a virtual learning environment (VLE) without a screen.  

    What might this new-style VLE use for its interface? Senior co-design manager Paul Bailey suggests that artificial intelligence, augmented reality, virtual reality, wearable technologies and voice controls might all play a part. He adds: 

    “A new approach to the VLE would open up the possibility of new benefits and better experiences.

    "A voice-activated system of rewards for getting the right answer, for example, could offer some students a powerful incentive to participate, and potentially improve outcomes for them and for their group as a whole.” 

    The edtech challenge is open to all college and university students and staff with good ideas to share.

    There isn’t much time as entries close on Monday 4 February 2019. 

    You don’t have to build anything – just send us up to 1,000 words explaining your concept, including the vision and the benefits, and provide a design overview in any suitable medium. 

    Improving the student experience

    We’ve deliberately made the ideas challenges very easy for everyone to enter, whether they’re technologically minded or not, because we want to see what’s on students’ minds.

    Sue Attewell, Jisc's head of change for further education and skills, explains: 

    “The entries will show us the things that could really improve the students’ experience. That could be something genuinely visionary but equally students might just need something that helps them study more flexibly to support their increasingly busy lives. 

    "By gathering in as many ideas as possible we can get a better understanding of what really matters to people and make sure we use that knowledge to keep our work on track. 

    “We will, of course, reward people for their effort by offering prizes for the best ideas and we could also work with one or two to develop new products or services.” 

    There are cash prizes of up to £1,000 for the winner and runners-up, and all shortlisted candidates will see their ideas showcased via our edtech blog and at Digifest in March. But those aren’t the only reasons to enter.  

    A positive experience

    Brad Forsyth

    Ravensbourne University student Brad Miller took part in an earlier edtech challenge, with his idea “app to the future” - an app to help students find the courses, work experience placements or careers that meets their needs and help them make applications and track progress.

    Brad’s vision for the project is to get people into the jobs they want to be in and developing the app via the edtech challenge has been a positive experience for him: 

    “I had the idea for the app a few years ago and I knew I could get it off the ground with some backing. So, I entered the competition and got shortlisted, which led to us all attending a five-day hackathon event to help us develop our concepts further. 

    “We looked at how it might work, how users would navigate within it and how it should be promoted, and then we pitched the worked-up idea in a "Dragon’s Den" format so that Jisc could select the winner and runners up. 

    “Everyone who took part in the hackathon came out of the process with some really useful experience, a more developed business idea to take forward, and a network of contacts.

    “This is one of several things I’ve done with Jisc. I’ve taken part in student panels at events like Connect More and I'm a student partner working on ways to make sure developments in edtech do what students want them to.

    "It’s been a great way to get practice with speaking in public, it’s become second nature, so presentations don’t hold any fear for me. And I’ve got to know people within Jisc who I can speak to for expert advice and to open doors – it’s such a diverse organisation and its connections are amazing.” 

    Get involved

    If you’d like more information and details of how to enter, please visit our edtech challenge web page. Remember that entries close on Monday 4 February 2019. 

    There will be two further ideas challenges taking place in spring and summer 2019 – the second will launch on Tuesday 12 March 2019 and the theme will be announced in the new year. 

    Good luck!



  • Jisc and Eduserv to merge and form UK public sector tech powerhouse

    Jisc, the UK’s technology solutions organisation for higher and further education, and Eduserv, which specialises in digital transformation in local government, public bodies, healthcare, charities, higher education and emergency services, are coming together to form a unique powerhouse of world-leading expertise to benefit all UK and overseas clients.

    The two charities will begin operating as one from 1 January 2019, in a move that will retain existing staff and services.

    The new organisation’s collective expertise will provide unparalleled technological support to more than 20 million users in several international markets such as the US, Australia and Scandinavia.

    Jisc’s CEO Paul Feldman said:

    “This is an exciting step forward in how we support and enable the education and wider public sector, while taking advantage of the technologies driving Industry 4.0. Together, Jisc and Eduserv will have greater scope to co-create innovative products and services to meet the needs and expectations of students and citizens, without duplication of effort, time and money.

    “Jisc is committed to making the UK the most digitally advanced education and research nation in the world, and this aim will be bolstered with the addition of Eduserv’s expertise. As a bigger social enterprise organisation, we can invest our income into developing digital services and products that empower colleges, universities and research centres to provide students with an outstanding education experience that will set them up for the needs of the modern workplace. This merger will also allow us to help lifelong learning and research be the best it can be.”

    Eduserv logo

    Eduserv’s CEO Jude Sheeran, who will take up a position as trustee on the Jisc board come January, said:

    “In a truly digital age, it is vital for the UK that a not-for-profit, socially driven technology player of scale emerges. From our roots in education to our more recent work with government and charities, our mission has always been to enable organisations to put digital technology to work for the benefit of society.

    “The opportunity to do exactly that is greater today than it has ever been and, as a combined entity, we believe that we can have a substantially greater impact and help develop the UK’s standing as a true powerhouse of digital technology. This merger will give the public and third sectors access to more, better and potentially lower cost technology services and digital knowledge transfer at scale, as well as a strong, ‘top-table’ advocate for digital progression.”

    For members and customers, there will be a greater range of services to choose from with Chest, OpenAthens and Eduserv Cloud Solutions creating a strong portfolio of services with Jisc’s current offer.

    The new organisation will be more influential in its aim to make the UK the most digitally advanced nation in the world; it will have more influence in governmental organisations and its collective buying power will have more clout when negotiating deals.

    Besides its portfolio of more than 100 products and services, Jisc operates the national research and education network, Janet, and has a staff of more than 620 principally in London, Manchester, Harwell and Bristol. Eduserv has 100 Bristol-based employees and focuses on digital transformation, identity and access management, licensing and cloud solutions.

    The 220 Jisc staff at its central Bristol office will stay in situ until refurbishment is complete at Eduserv’s building in the city, forecasted to be completed in autumn 2019.

    Jisc and Eduserv will keep their individual identities and websites after 1 January 2019, although in time, the new entity will be brought together under the Jisc brand.



  • Personalised AI assistants and automated marking – welcome to Bolton College

    We speak with Aftab Hussain, strategic information learning technology lead at Bolton College, about how the college uses data to provide every student with a personalised AI assistant, his plans to reduce administrative workloads for teachers, and what he thinks about Education 4.0.

    Who is Ada the chatbot?

    Aftab Hussain photo

    Ada (named after Ada Lovelace) is our chatbot for Bolton College. The college uses its student dataset to create a personalised, AI-driven assistant for each student.

    It’s all based on data and analytics, and it is part of the college’s desire to increase the use of AI to inform what we do. She’s part of a suite of cognitive services that are redefining how students, teachers and support teams access day-to-day services at Bolton College.

    Students can log on to the student home page at any time of the day or night to ask Ada specific questions about their studies, such as “can you show me my timetable?”, “when does my work placement start?”, and “have I got any exams coming up?”.

    At the start of the last two academic years, we logged more than 1,000 students a day asking about classes, timetables, college services and more. With generous support from the Ufi Charitable Trust, we are now developing the same service for staff, which will enable teachers and support teams to garner on-demand information on student progress. We hope this will save colleagues time and simplify access to information which may be held across a number of systems around the campus.

    The college’s use of conversational or voice-first services is going beyond the web-based chatbot service. We are making good progress with the development of our iOS and Android apps for the Ada service and, by February 2019, students and teachers will be able to pick up their smartphones and ask Ada for answers to a myriad of questions.

    We recently published an Alexa skill for our chatbot service, so students and staff can now ask their Amazon Echo smart speakers about college services - effectively engaging with their own personalised assistant wherever they are.

    Our services are designed to save time, which will allow staff to focus more readily on supporting students. We estimate that, over time, the service could save staff a day each week.

    Do you use any of the data to support student wellbeing?

    Yes, we do. Very early in the project we asked the college’s mental health team how the chatbot should respond if a student asked a question around their mental health. For example, if a student has been made homeless or is struggling with stress, or self-harm, the chatbot service will respond with links to appropriate online information and the contact details for the college’s mental health team.

    We are also improving the service so that our mental health unit is automatically notified when students are seeking further advice and support on these matters.

    What are your future AI plans for Bolton College?

    Our goal is to roll out multiple services that leverage the use of AI or cognitive services that will help our students, teachers and support teams.

    Firstly, we are developing an automatic marking service for our work experience programme. We hope the service will improve the quality of work placement evaluations that all students complete at the end of their placement and also to reduce the workload of our career coaches who are tasked with monitoring and signing off more than 1,700 students who undertake a work placement each year. 

    [#insertinlinedriver chatbot#]

    Secondly, we want to make use of services that will enable us to automate the production of reports. These could include the production of daily or termly student report cards, or the production of management reports.

    Thirdly, we want to make use of process automation to support colleagues and students with day-to-day activities and workflows.

    How did this all start for you?

    It’s been a natural evolution. My background is quite varied. I’ve managed tech, data, and online learning teams in other organisations and have worked on all the major strands of learning technology on campuses over the past 20 years.

    The great thing is that technology has come so far in the past few years and we’ve been able to capitalise on the advancements and create some really helpful services and projects for the college.

    Who makes up your development team?

    Our team is six strong, so not large. However, in the FE sector in the north west, where a number of colleges have had to reduce their learning technology teams, we’ve invested to keep hold of ours and that’s paid dividends over the last few years.

    One of our team philosophies is to create “calm technology”. Some of the features of calm technology include its ability to reduce complexity, simplify everyday tasks and routines, perform complex tasks in the background, its capacity to support conversational services and more.

    What advice would you give to other organisations who want to introduce AI driven edtech?

    I’d say collaboration and communication are key.

    What we’ve found is that teams have to work closely to bring about these services. For example, our data team works closely with the learning technologies team to develop and deliver our AI services, and we all keep the IT team informed so they’re aware of potential demands on the network.

    We have a digital strategy group, and operational groups beneath that, and they bring the various strands of our digital strategy together harmoniously.

    Some technologies are too expensive and can only be rolled out to a few students on campus, so we concentrate on creating services that add value at scale. A key approach for us is that we try not to get distracted by all the new shiny technologies and potential services, but instead focus on making a few things work incredibly well.

    We’re a small team on a small campus, so we concentrate on what we’re good at. It’s certainly working, judging by the student feedback!

    Of course our teams are hugely busy, but the end user experience for staff and students is seamless, and that’s what matters.

    What does Education 4.0 mean to you?

    [#insertinlinedriver edtech#]

    For me, 4.0 is all about using new tools to solve old problems.

    It’s about creating new models for delivering education services and providing super-personalised, contextualised and tailored solutions for all staff and students.

    AI as the main tool, and data makes AI services a lot more powerful.

    What does the future have in store for edtech and AI?

    Right now we have a chatbot. I think in the future that chatbot will morph into a personal cognitive assistant that supports students throughout their entire educational life, from nursery school to university and beyond.

    The personal assistant will learn from each student throughout their life and adapt according to what they like, while guiding them through studies. It could remind when homework is due, book appointments with tutors, and point towards services and events that might support studies, for example.

    I like to think that we’re a year or two away from that sort of technology becoming commonplace within the FE sector.

    Follow Aftab on Twitter (@Aftab_Hussain) to keep up with edtech news from Bolton College.



  • Data conference puts the spotlight on student experience

    The customer insights director of Harrods will give a keynote speech at the Data Matters conference, focussing on how data analysis can be used to improve the student experience.

    David Boyle will draw on his experience of using analytics in presidential campaigns, the music industry as well as in the luxury retail store.

    He will speak at the Jisc-supported Data Matters education conference in London, 16 January 2019.

    Delegates will also experience a range of workshops showing how data can be turned into useful insights for university staff.

    The event is the second Data Matters conference and the latest collaboration by the M5 group, comprising Jisc, the Quality Assurance Agency for higher education (QAA), and the Higher Education Statistics Agency (HESA).

    Paul Hazell, evaluation and analytics manager at QAA, said:

    “The higher education sector is not alone in using data to improve performance and provide insight. We can and should learn from other sectors: that's where innovation happens.

    “We should be able to translate some of that innovation into improvements for our students.” 

    Delegates will also hear from the Higher Education Policy Institute (HEPI) and find out about QAA’s latest research into whether social media reviews could have a role to play in determining quality.

    The workshops include:

    • Learning analytics - tales from the front line
    • Weaving narrative and numbers to create a pattern of student success
    • Data futures - the benefits it will bring
    • Data-informed enhancement of student wellbeing
    • The intelligent campus

    Jisc’s head of higher education and student experience, Sarah Davies, said:

    “I’m really excited that this year’s conference is focused on the use of data to support the student experience.

    "One of the great strengths of this event is to bring together staff from a wide range of different roles in HE to explore how we can make most effective use of data for the benefit of students.

    "There are plenty of workshop sessions for both data beginners and experts, and which allow delegates to discuss experiences and take new perspectives back to their institution.”

     Find out more about the event and book your place on the QAA website.



  • Autonomous agriculture wins technological innovation of the year

    We’re proud to announce the winner of the Jisc-sponsored Times Higher Education Award for technological innovation of the year, presented last night at a ceremony hosted by Sandi Toksvig.

    Viewed as the “Oscars of higher education”, the awards attract high-calibre entries, showcasing examples of excellence within the higher education (HE) sector in 2018.

    Barley by robots

    The Jisc award recognises and promotes technological breakthroughs at institutions in products or services that have the potential to significantly enhance the commercial or public sector.

    This year, Harper Adams University lifted the trophy thanks to its impressive “Hands-Free Hectare project”. The project proves that it is possible to grow a barley crop without a single person being physically present in the field.

    Supported by Innovate UK, researchers worked with Yorkshire Business Precision Decisions to create an agricultural system that uses autonomous vehicles and drones along with a wind-based micro-energy installation to run on-site computing equipment.

    The world-first project attracted interest from around the globe, including coverage in Nature and on BBC One’s The One Show. UK government officials took notice, and project leaders reported on the system at conferences as far afield as India. The project proposal was presented as part of researchers’ evidence to a House of Lords committee designed to demonstrate that autonomous vehicles could help to make crop production systems more efficient and sustainable.

    Cheers!

    The barley crop was harvested in late summer 2017 – and the grain has been made into an exclusive gin, with a beer to follow.

    Jisc CEO, Paul Feldman, said:

    “Harper Adams’ initiative was seen by the panel as a step change in agricultural practice, a great example of the use of technology to benefit humankind, and a sterling illustration of university/business collaboration. 

    “The panel was impressed not only by the application but also by the impact it had around the world, and the way the project team looked to use the development to benefit others globally.

    “In society driven by rapidly developing technology, innovation is crucial for the UK’s education and research sectors competitiveness. Our researchers are at the forefront of global science, and continue to positively impact society and economies.   We look forward to seeing how the winning and nominated projects progress, and would like to congratulate all entrants on their impressive work.”

    THE editor, John Gill, said:

    “At a time when universities face challenges and headwinds, when politics and social attitudes can seem to call into question many of the things that they stand for and hold dear, it is particularly important to champion the values, creativity and dedication of those who live and breathe higher education.

    “As ever, our shortlists represent the best of the best, but our judges also reported that this year’s entries were the strongest that they could remember, so all those honoured should be incredibly proud. It's THE's great honour to help celebrate their success.”

    The full list of this year’s winners and profiles of their winning entries is on the awards website.



  • Are you looking after payment card data securely?

    Does your university or college accept credit or debit card payments? Of course. But are you looking after that payment card data securely enough? Matt Ball, chair of PCI DSS SIG, outlines nine key areas that every security team needs to consider.

    Compared to other forms of personal data, payment card data is among the most attractive for criminals to exploit and the high demand for it is resulting in ever more security breaches.

    Ticketmaster and British Airways are just two of the high-profile companies who have suffered card breaches so far this year, which is concerning if you or your staff have booked tickets online for an event or flight recently.

    The financial and reputational cost to companies that fail to protect their customers’ card data can be immense. 

    Payment security - the essential need

    Payment card data security is an essential business activity your organisation is expected to maintain at all times.

    It is your responsibility to proactively protect the cardholder data supplied to you by your customers while it is in your possession and being used for your business needs. Through preventing cardholder data and associated personal data being compromised at source, you prevent the cardholder data you have collected being used fraudulently.

    The payment card industry data security standard (PCI DSS) is the standard you must adhere to when protecting payment card data. Compliance with the standard demonstrates that the minimum level of data security for protecting card data is in place and is being maintained by the merchant.

    Reporting PCI DSS compliance is annual activity used by the acquirer to validate that payment security is in operation that meets or exceeds the PCI DSS standard. Although PCI DSS is focused on card data, PCI DSS principles have wider application for all types of personal data.

    1. Be vigilant at all times

    Hackers exploit weakness and failures, be they technical, process or people based. 

    Unexpected, untested or uncontrolled change (either internal or externally driven) can present an exploitable weakness. In most cases the hacker may be in your system for weeks or months after weakness has been exploited and before discovery.

    2. Value your staff

    People can be the best defence when properly trained, guided and supported by defined policy and procedure.

    95% of breaches can be attributed directly or indirectly to human actions. Embedding a security culture into the organisation to support and equip all staff with the essential skills to manage card data within their business area is key to maintaining compliance with PCI DSS. 

    3. Understand your payment environment

    Do you know where the payment data is? Where it comes from, where it goes? Why you have it?

    It is essential that all attributes of the payment environment are identified when card data is collected, handled, transmitted, stored. The people, locations, technology and the relationships between them should be defined and documented.

    4. Continually refine process and practices

    [#insertinlinedriver information_security#]

    Implementing PCI DSS will identify bad practices ranging from passwords being shared to card data being written down as well as identifying processes that no longer apply but are blindly followed because “we’ve always done it that way”.

    Prepare to continually evolve business processes to meet the ever changing data security needs of the business and embed it as part of the training.

    5. Maintain policies

    Clearly defined usable polices help underpin the security practices, support staff and limit uncontrolled expansion of the card payment environment.

    Use policies to define what is acceptable as well as what is not. Ensure they are publicised, acknowledged and understood.

    6. Ownership and accountability

    Without a business owner for the different technologies, processes and payment channels, you run the risk of a breach because of a long forgotten or unmanaged process or system not being patched, updated or changed in line with the rest of the payment environment.

    7. Don't scrimp on the testing

    [#insertinlinedriver pen_test#]

    Testing is essential and will pick up flaws, faults and shortfalls in understanding processes and configuration.

    Expand testing beyond deployment and use it to support auditing activities to ensure your payment environment is operating securely, meeting or exceeding the PCI DSS standards.

    8. Communication

    Ambiguous communication or breakdowns in communication have been major contributors in data breaches not being contained.

    Never assume someone else has reported or is dealing with a suspected issue. Avoid relying on email when swift action is required: talk to those who need to be involved

    9. Have a plan

    Incidents happen, they can be unexpected and without a prepared incident response plan to manage them, the fallout can be widespread and damaging to the organisation.

    Ensure your plan is tested, up to date and capable of supporting the incident resolution.

    In conclusion

    Successful secure card payment operations are driven by people operating with robust processes and backed up by correctly configured technologies.

    Reducing the number of your card payment activities and consolidating them onto a set of standardised payment services, with proven security, will help make card data security more manageable, potentially reduce the risk and support the continual compliance with PCI DSS.

    What is PCI DSS special interest group (SIG)?

    Formed in 2011, the PCI DSS special interest group is a focused membership organisation formed of HE/FE professionals working within the sector.

    The SIG supports its members with a wide range of services including training, events, resources and expertise as they work towards PCI DSS compliance. The PCI DSS SIG is the sector expert on payment card data security.



  • Jisc backs parliamentary inquiry into data and technology ethics

    If data is the new gold, then a new wild west could be emerging as a result of a technology governance gap – which a UK inquiry supported by Jisc is seeking to fill. 

    The All-Party Parliamentary Group on Data Analytics and Policy Connect are the latest to respond to this danger and have launched a cross-party inquiry exploring clearer principles and best practice standards for data use.

    We have thrown our weight behind the inquiry, which will focus on areas such as education, that stands to reap the huge benefits data and technology may bring.

    The Data and Technology Ethics Inquiry will concentrate on the areas of trust, ethics and good governance. This includes public trust, business confidence, and the trade-offs between privacy and progress that are inherent in technology developments and big data.

    It will also examine the need for accountability and redress when the first line of trust is broken.

    Recommendations will be targeted to advise the newly-established government Centre for Data Ethics and Innovation (CDEI), whose precise role is currently the subject of consultation.

    Areas that will be explored by the inquiry

    Education

    Universities and colleges can learn much about students’ behaviour and use descriptive and predictive analytics to target those with specific needs or who may be about to drop out, significantly improving their life outcomes. However, monitoring student attendance, library use and internet browsing may be viewed as undue surveillance. There could be concern over the legitimacy of university decisions on individual students based on potentially biased algorithms.

    Healthcare

    New medical treatments and medicines may result from “mining” NHS data, yet personal medical data is highly sensitive. How should we balance the scientific benefits with personal privacy?

    Automated vehicles

    Self-driving vehicles would represent a leap forward in technology, with potential social and safety benefits, yet clear transparency, liability and accountability are hard to determine when something goes wrong in a system that uses algorithms and data that derive from multiple sources.

    Policing

    Predictive analytics using databases of crimes and individuals can help prevent organised crime and terrorism, giving police new tools to help distribute and plan resources; however there are ethical questions about how data will be collected and processed, concerns about algorithmic bias and false positives, and where the acceptable limits lie in this space.

    These topics will be explored through roundtable discussions and a call for evidence, running from 13 November 2018 until 31 January 2019.

    Jisc, along with Deloitte and the Association of Chartered Certified Accountants, will take part in these discussions. A report will be published in April, with findings and recommendations.

    The inquiry is co-chaired by Lee Rowley, Conservative member of parliament for North East Derbyshire, and Darren Jones, Labour member of parliament for Bristol North West.

    Luciano Floridi, professor of philosophy and ethics of information at Oxford University and director of the Digital Ethics Lab, will be the academic advisor to the steering committee, on which Jisc will be represented by its chief innovation officer, Dr Phil Richards.

    Speaking ahead of the opening round table, held this week, Phil said:

    “The technologies at the core of the fourth industrial revolution will also transform the student experience, creating a new "Education 4.0" underpinning future teaching, learning and student wellbeing.

    “Jisc’s national learning analytics service and associated code of practice has helped establish a UK consensus there; it is vital we build on that, in relation to appropriate ethical use of wider key data sets and AI, so the UK can operate at the global forefront of Education 4.0, and prepare our learners and citizens for the radically different world that lies ahead.”



  • Top ten steps to affordable end-user security training

    Ever been asked to provide end-user security training on a tight schedule and a shoestring budget? Last summer, Ruth Charles was in just that situation.

    Ruth was acting head of cyber security policy and training at the University of Cambridge (now IT director at Newnham College, Cambridge), and with some imagination met the brief with a set of security training videos that were relevant, effective and popular.

    Here she explains how she did it with a top ten guide.

    1. Know your target audience

    The online security training we had been using previously was an off-the-shelf package consisting of a generic slide deck with question and answer checks as you went through.

    It was aimed at corporate end users and contained gems such as “always wear your lanyard and challenge anyone you do not recognise in your building” that simply could not be transposed into a university context.

    Unsurprisingly, it had received heavy negative feedback from across the university because it didn’t mesh at all with the university’s way of working or the behaviours you would expect from academic staff and students. We knew our training had to tell stories that resonated with an academic community.

    2. Keep it short

    A common theme that emerged from the feedback was that people did not want to spend one to two hours clicking "next" through 30 or 60 slides and steadily losing the will to live.

    We decided to provide much smaller, bite-sized chunks of training, in a video format, setting a ground rule that each short clip would be three to five minutes long. The online "course" would be made up of a number of these short clips with self-test quizzes attached.

    They were brief, relatively entertaining and framed as something people could sit and watch while having a cup of coffee at their desk.

    3. Prototype

    With lots of unrealistic ideas flying around about what could be produced in a short time, my colleague Lynn Foot and I worked quickly to identify suitable, affordable online animation software and mocked up a demo using a series of cartoon characters to illustrate points around phishing.

    We showed it to our cyber security programme board who were enthusiastic and gave us a green light to buy a year’s licence for the software to develop further training materials. Having a real example, however rough and ready, to demonstrate the concept can make a big difference.

    4. Assess your assets

    [#insertinlinedriver phishing#]

    With little to no budget, look at what you have immediately available that you can use.

    We delivered our training via our existing Moodle VLE, which worked very well as it allowed us to enrol people into the training and send them automatic alerts when a new module was uploaded. We could also produce data and reports on uptake and completion of the training.

    We found volunteer staff members with mellifluous experience of performing in local dramatic societies to be the voices to do the narration on the video narrators.

    5. Identify the biggest threats

    In terms of the content, we asked our CERT team for their top ten threats – the things they see over and over again that cause the most amount of inconvenience, that are hitting the greatest amount of users and absorbing the greatest amount of time.

    Those became our topics for our weekly video – phishing, spear phishing, malware, student loans scam emails, social engineering – narrating a story that put them in the Cambridge context with Cambridge terminology.

    6. Keep it simple

    [#insertinlinedriver protect#]

    At this level, people don’t need to know about all the different types of malware. They just need to know that it exists and it could find various routes on to their computer such as by them visiting a malicious website or opening a malicious attachment.

    We offered tips about how to recognise websites that look suspicious, how to avoid exposing yourself to this threat and what to do if you thought you had accidentally downloaded malware on your machine.

    The main message was don’t panic, there’s local help at hand and the important thing is to tell someone.

    Keep it very simple, very reassuring and constantly reinforce the message that there are people who can help you if you speak to them.

    7. Find common ground

    We deliberately sought to make animations that would cover overlapping user groups, in terms of our staff, our students and our post doc communities, rather than tackling topics that were too specialised for one community and not another.

    We looked for common ground to make all the modules as relevant to as many of the different user groups as possible

    8. Be diverse

    The only complaint we received came from our equality and diversity unit after two or three videos, rightly drawing our attention to the fact that our cartoon computer officer was always a man.

    We immediately found a female cartoon character in the library that we could also use. We were equally keen that our departmental administrator was not always female and our academic cartoon character was not always a man with a beard. 

    9. Update

    While our videos were timely and relevant for the summer of 2017, the threat landscape is constantly changing and so the advice we give also adapts and changes.

    Training needs to be refreshed and updated periodically. Try to factor in resource to enable those updates further down the line or risk stagnation. 

    10. Be realistic

    We created our successful end user training over a period of two months at an affordable cost. But it wasn’t free.

    The animation package cost around 700 euros (£615). More significantly, two salaried staff – Lynn and I – spent two months working on the project full time.

    If you choose not to buy something off the shelf there is a cost internally and, just as there would be time in doing software development, there is time in ensuring what you are doing is targeted correctly and actually meets your needs. 



  • How to talk about web filtering in universities

    Preventing access to extreme sexual and terrorist material on the internet is a no brainer, isn't it? After all, most of that stuff's illegal. Well yes. And no.

    Schools and colleges, which have greater duty of care obligations than universities to their under-18 learners, will certainly be making use of web filtering solutions as means of protecting learners and to comply with the Prevent agenda.

    Mention web filtering to higher education institutions (HEIs), on the other hand, and academic freedom concerns are immediately raised.

    When I’ve talked to HEIs about this issue, at the outset most think web filtering is a bad idea, but that hard line softens when I explain firstly how sensitive research can be conducted unhindered even with web filtering in place and, secondly, how it can play a role in the welfare of staff and students. With the current media focus on wellbeing in universities, who’d want to compromise on the latter point?

    [#insertinlinedriver service#]

    Sensitive research may include subjects such as terrorist recruitment tactics, or sexual psychology. With the right permissions from the university and the authorities, it’s possible to unblock content that would normally be filtered out for one person, a group of people or for particular machines.

    For everyone else, web filtering will ensure that no illegal material is accidentally seen, which protects the curious and the vulnerable.

    Safety first

    Without the right controls in place for sensitive research, a slip-up is all too possible. Let’s say a researcher is in their office legitimately looking at some illegal content. She closes the laptop and takes it with her for lunch. In the canteen she decides to check her email account, opens the lid and up pops a graphic image in full view of other diners.

    It is an offense to expose other people, accidentally or not, to this kind of content, so my advice is to create a safe space for research. People with the right permission could book to work at certain desktop computers (not laptops) in a certain access-controlled room. To get buy-in from researchers, universities can demonstrate the value for wellbeing: the university recognises such research is valuable and is putting in a process to allow freedom of study, while also taking care of the campus community.

    It’s not healthy for anyone to be viewing illegal material, so building in care plans for researchers to make sure they are not detrimentally affected is sensible, preferably in partnership with the university’s occupational health department. Web filtering solutions have built-in reporting systems that can be set up to help with this. For example, it can monitor and control the time an individual spends looking at illegal content.

    As a means of taking care of staff, processes like these are in place at the two organisations in charge of monitoring illegal content in the UK, the Internet Watch Foundation (IWF) and the Counter Terrorism Referral Unit (CTRU)1. Universities could easily adopt similar systems.

    Watching your back

    Web filtering can also protect an organisation’s reputation. Imagine this scenario: an administrator gets an email that looks genuine but is actually a phishing attempt. One click and up pops an illegal image with a message threatening to report the administrator to the police unless they pay up.

    Bearing in mind web filtering could have blocked both the dodgy email and the image, the administrator might argue he or she wasn’t properly protected by their employer. Similarly, anyone who saw that graphic image on the researcher’s laptop in the canteen could also complain.

    Moreover, accessing illegal material is an offence likely to be noticed by the authorities, which will spark an investigation. And that would make a great story for the media.

    Researchers and their employers can be further protected from suspicion by keeping a record when illegal content is accessed. Earlier in my career, I legitimately used illegal hacking tools because it was part of my job to unlock servers, so I had an unfiltered account. But I would record the tools I was using, when I used them and why, so I could prove I wasn’t up to no good if I were ever questioned.

    A flexible friend

    We’ve touched on using web filtering as a means of controlling access to illegal web content but the flexibility in most systems will allow organisations to control what is accessed from certain machines and who has access – which is useful in a college where the student cohort is a mixture of under 18s and adults.

    [#insertinlinedriver casestudy#]

    Controlling what can be opened on a mobile phone is a bit more tricky, since the owners don’t have to connect to the university or college network to use their phone. On the plus side, mobile phone providers block illegal content at source.

    Web filtering is not a preventative measure, it’s a protection measure. It can help protect a network through its malware detection, it can protect students and staff from viewing distressing and potentially harmful material and protect reputation by keeping institutions on the right side of the law.

    Our view is that web filtering solutions can be so flexible and tailored that there is no reasonable argument against using one.

    Footnotes

    • 1 The IWF and the CTRU monitor content that is illegal in this country and each produces a filtering list, which Jisc’s web filtering framework supports.


  • More than half of university staff want more technology for teaching, finds new survey from Jisc

    A survey of nearly 2,000 higher and further education teachers shows that 61% of university lecturers feel technology should be used more in the classroom. Despite this, 14% are never supported to develop their digital teaching skills.

    Our latest digital experience insights report shows both further (FE) and higher education (HE) staff want more time and training to improve digital skills, so they can use technology more effectively to benefit students.   

    The poll also finds that 38% of HE teaching staff rate their university’s support for developing digital aspects of their role as better than average, and 26% below average.

    Demanding workloads are also impacting opportunities teachers have to improve their digital skills. One lecturer said: “Workload is so cluttered during term time that developing new digital teaching practice in response to student feedback during the semester itself is difficult/impossible.”

    What staff and students want

    However, there is enthusiasm for using technology, with the poll finding that 61% of teaching staff describe themselves as among the first or early adopters of digital technologies for teaching, and that 51% rate their organisation's digital provision as better than average.

    The staff survey is a pilot that builds on our student version of the report, which this year collated answers from more than 37,000 students about their experience of technology in FE and HE.

    Despite the concerns of some teachers, the student report finds that 74% of HE students are happy with the quality of teaching they receive, although some become frustrated when teachers don’t use digital systems competently, especially when this wastes time or reduces access to course materials.

    Paul Feldman, chief executive, Jisc, says in a foreword to the report:

    “This is the first foray into uncovering the true digital experience of teaching staff in colleges and universities, and gives staff the chance to voice how they are experiencing their digital environment.

    "With the skills demands of the workforce being driven by "Industry 4.0" – an industrial revolution fuelled by data and machine learning – it’s also important that education leaders fully understand whether their digital environment can keep up with rapid advances in technology and industry, as well as meet student and staff expectations.

    "At Jisc we believe that Industry 4.0 can’t truly succeed without an "Education 4.0", and that our role is to help colleges and universities make the most of potential of new and emerging technologies. We want to work with colleges and universities to see their digital environment through the eyes of their students and staff and act on that knowledge.

    "Our teaching staff insights survey provides additional data to organisations, triangulating with the data from their student insights surveys.”

    Find out more



  • Jisc: protecting you

    John Chapman, head of Jisc’s security operations centre, looks back to Jisc’s first cyber security strategy and sets out how we will protect our members and the Janet network from cyber attacks over the next three years.

    More than three years ago, in March 2015, Jisc published its first cyber security strategy, covering the security products and services that we offered or were planning to deliver over the subsequent three years. While much changed over this period, we broadly met the objectives of this original strategy as we constantly revised our plans to meet the needs of our members.

    For example, three years ago we hadn’t embarked on our DDoS mitigation programme, yet the security landscape and the need to protect our members better meant we had to quickly develop and implement a national solution to mitigate denial of service attacks. It needed to ensure secure and reliable network access for users and to also enhance the visibility of threats on the Janet Network – helping to increase security for the entire education and research sector.

    One cyber security division

    At that time cyber security within Jisc was scattered across different departments with operations and development as separate activities. Now, as we publish the next three year strategy, we do so under the auspices of a single cyber security division – formed to consolidate all of Jisc’s member-facing security products and service activities into one organisational structure to provide a coherent set of solutions.

    This new strategy looks at how Jisc will work to protect our members and the Janet network from cyber attacks over the next three years (2018- 2021). This strategy has been informed by our members through multiple meetings with individual organisations, feedback from our annual cyber security conference and detailed analysis of responses to our annual cyber security posture survey.

    More managed security services

    In May last year we conducted our first ever cyber security posture survey among our members. This gave us valuable insight into our members’ security posture and requirements, providing us with a greater understanding of our members’ top security concerns and where you need most help.

    [#insertinlinedriver survey#]

    The survey has now become an annual fixture to ensure we continuously deliver the cyber security products and services that meet your needs, which this year has seen an increased interest in us providing more managed security services: managed log aggregation and managed intrusion detection services are both of interest to HE and FE respondents.

    To help meet this need we will undertake research with a view to implementing a managed security operations centre service for members by 2020, working with institutions to develop a unique sector offering to help protect them in an increasingly difficult environment, both from the number of attacks and the scarcity of skilled security personnel.

    Digital forensics

    Another key finding we are responding to is the significant growth in interest for digital forensics. This has jumped in priority for both FE and HE institutions, so we will continue to develop the Jisc security operations centre by recruiting and training skilled individuals. By the end of 2019 we will look to have developed our digital forensics capability to enable us to undertake more investigative work as part of ongoing incidents.

    We expect the next three years to be as turbulent for cyber security as the last three, so we will continue to engage with you to ensure we are protecting you. Cyber threats are not going away and, as funding changes within the education and research sector, we will need to be more agile and innovative about how we all work together to address them.



  • Dealing with DDoS

    FE colleges consider DDoS (distributed denial of service) attacks to be among the top five threats to their cyber security, according to our survey of our members earlier this year. They are right to be concerned. 

    Our data shows that in the first six months of this year, colleges were targeted by 225 DDoS attacks designed to bring down the network.

    This represents an increase of 35% compared to January to June 2017. Jisc's security operations centre also handled almost three times as many other security incidents or queries from FE colleges over the same period.

    It's notoriously difficult to identify individual cyber criminals but it is accepted that the threat from inside organisations is very real and should not be overlooked. Whether it be intentional or accidental, protecting the organisation from all threats needs to be a priority.

    [#insertinlinedriver blog#]

    The foundation DDoS mitigation service is provided to all Janet connected institutions as part of your connectivity services. The foundation service is designed to protect you from large scale attacks that could potentially bring down your network connection.

    The enhanced DDoS mitigation services are designed to provide more focused alerts and protection for external-facing critical services that could be targeted within your network.

    Our security operations centre is there to help mitigate attacks on our members but colleges are responsible for their own cyber space and should not underestimate the potentially huge financial and reputational impact of a network outage.

    How can Jisc help you protect your organisation?

    As part of your Jisc subscription, you receive our foundation DDoS mitigation service and can apply for access to our cyber security portal. This gives you peace of mind that we will mitigate attacks against your network connection. We detect and filter DDoS attack traffic across the Janet Network before it reaches you – mitigating the effects of attacks on your Janet connection, and reducing disruption and cost.

    If you need a faster or more customised DDoS mitigation, or 24/7 response, we now offer our enhanced DDoS mitigation service.

    With the enhanced service, you select one of two reaction levels: fast or instant. The fast service triggers mitigation within four minutes while, with the instant service, traffic is routed permanently via the mitigation service, so there is no delay in defence. These automated services react 24/7, helping you prevent disruption from out-of-hours attacks. You can also select pre-configured or bespoke options, as appropriate to your risk and budget levels. With a pre-configured option, you choose from a selection of profiles designed to protect a selection of common services, such as web servers or DNS – using traffic thresholds and mitigation responses designed by Jisc security analysts to be suitable for most needs.

    [#insertinlinedriver mitigation#]

    With a bespoke option, you can further tailor your protection, adjusting parameters with the help of a security analyst. For example, you can add protection for external-facing services not normally included in pre-configured profiles – such as an internet-facing file transfer service – and you can customise protection to include or exclude specific domains or URLs.

    Together, pre-configured and bespoke options allow more accurate detection of attacks and more effective mitigation.

    Jisc's enhanced DDoS service: a no brainer

    George Wraith

    George Wraith is head of ICT at New College Durham, an outstanding mixed-economy FE college covering the full range of education from HE degree-level courses through to A-levels, GCSEs, apprenticeships and a range of vocational and academic subject areas.

    In May this year New College Durham signed up for Jisc's enhanced DDoS mitigation service. It was, says George, a no brainer:

    "Cyber security is very much in the forefront of everybody's radar at the minute and last year there were significant cyber attacks on both the Janet Network itself and on individual colleges and universities. If we were to lose our connection because of an attack, the effect on the college would be massive.

    We have a small secondary connection we could fail over to but it's nowhere near the same bandwidth so, although we would still have an internet connection to carry on business, our students would lose a major element of their study while we were down and the reputation of the college would suffer.

    Given that risk, as soon I heard about this new service from our account manager, Lisa, in March, I was keen to have the initial conversations with Jisc's cyber security team about whether it was appropriate for us. Once it was clear that it was, it became simply a matter of working out what we actually needed and what we could afford.

    The Jisc cyber security team and my in-house team went through the options together and decided, based on a balance of technical needs, risk and budget, what was going to be most effective and cost-effective for us.

    We went for "fast pre-configured" service options to mitigate our email, SIP trunks and our web services. We discussed the configurable "bespoke" service options and the pros and cons of the other protocols, but those are the ones we centred on as our main needs. We were on board by May – I couldn't get the purchase order out quickly enough. The process was very smooth and very easy. It was all done through video conference so it was just a matter of getting the right people in the room at the various times that we needed to.

    Now, I have peace of mind. The monitoring is a key element for me – I'm able to access the cyber security portal on a live basis at any time as well as get weekly reports and see if there has been any mitigation and can find out if there are any alerts on the services in general. So, if something does go awry internally, we can check and narrow the field down very quickly. It's been such an easy service to engage with. It's just there and working, there's never been any issues or problems with it.

    Thanks to the enhanced DDoS mitigation service we now have expert coverage of protocols on a more enhanced basis as well as the service Jisc provides across the board. It's meant that I can say to auditors and senior managers that we're doing as much as we can externally with our network providers to mitigate any risks on the cyber security front from an external loss of internet connection or internet services more generally.

    I can't emphasise enough that it's a no brainer, especially for any educational institution that's using Jisc services already. To my mind, Jisc has proved itself with the reliability and trust established by the Janet service over the years."

    Find out more

    To find out more about DDoS mitigation and other cyber security services from Jisc, contact your account manager or see our range of cyber security services.



  • Jisc seeks student partners to carry the torch for tech

    With the academic year now in full swing, we’re looking for new student partners to help us to transform education technology in colleges and universities.

    The student partners initiative launched this summer and the first five volunteers, drawn from both universities and further education colleges, are helping us to further understand the challenges faced by students and the ways in which technology and digital skills impact their experiences of education.

    We are hoping to recruit a further ten student partners to offer insights into how digital fits into their learning, life and future career plans, and to help us communicate this effectively to universities, colleges and government. Student’s views and experiences will also feed into our future work to make sure that our vision for technology enhanced learning reflects the needs of learners.

    The programme kicked off with a training session at our new London office where the student partners set out their motivations and hopes for the initiative:

    Brad Miller

    Brad Miller from London is studying BA (Hons) digital film production at Ravensbourne University:

    “I have seen first-hand how Jisc’s work inspires and makes a difference to young people’s studies by keeping the educational system ahead in a changing world, which is increasingly reliant on technology. Opportunities like this to be a voice for students is vital as not all learners feel they are listened to when asking for adjustments which are beneficial to them.

    “In addition to discovering the inner workings of the education sector, I want to help spread the word of what this organisation does and put forward productive ideas; being part of what I consider a movement to guarantee learning is accessible for everyone, by providing the correct tools for the skills and needs of all students. I aspire to make changes happen that I feel are overdue and not considered to be a high priority by government and other decision makers.

    “Aside from filmmaking, and starting up a photography business, I’m developing an app which will benefit students by narrowing down an occupation that is suited to their talents and abilities. I would like this to take off so that people end up in careers that satisfy them.”

    Sam Jenkins

    Sam Jenkins from Somerset is studying history and the modern world at the University of Winchester:

    “Becoming a student partner will enable students at my university through me to have a voice within the development of educational technology. The role will allow me to find out more about present and future digital opportunities for students, to see the behind-the-scenes work of developing these opportunities in action, and to feed this knowledge back to students and university leaders in Winchester.

    “Faculty research at my university indicates that employers see digital capabilities as crucial to the day-to-day operations of their organisation, even alongside non-digital competencies like teamwork and empathy. As a student partner, I look forward to seeing Jisc develop new tools and services which gives opportunities for all students to develop relevant digital capabilities, improving the transferable skills which they take into the world of work.”

    Jake Forecast

    Jake Forecast from Essex is studying BA (Hons) primary education with qualified teaching status at Canterbury Christ Church University:

    “I wanted to join this scheme, as I have worked alongside Jisc at various events while I was a Digital Voice Xpert at Epping Forest College and this has inspired me to progress my digital skills further. Not only will being a student partner help me gain knowledge and skills in technology, it will link back to the necessities of my study programme and my career path as a primary school teacher.

    “I want to ensure we find ways that allow all students in further and higher education to have access to technology throughout their studies, to promote inclusion. Whist working in the early years and primary education sectors, I have found that we sometimes struggle to help support children with additional needs.

    "Taking on this role, I will help to inspire more students to be digitally enabled in society and to improve their education through technology.”

    Sarah Davies, our head of higher education and student experience, said:

    "Jisc has been working to support universities and colleges with student engagement in the digital experience for many years, but it's critical we initiate our own student partners scheme to ensure we can innovate with their views in mind. I'm looking forward to collaborating with them to help shape the development of our future services so we can transform the student experience and help deliver student success.”

    Students will be involved in a range of activities under the programme, including joining a panel discussion at our events and contributing to research and development.

    This programme builds on the work we have led on the change agents’ network, which enables staff and students to work together to improve the curriculum.

    Anyone interested in becoming a student partner should visit our get involved page for more information.



  • How can students easily protect themselves against cyber crime?

    From essay writing to course research to watching the latest boxset, using the internet is a part of daily life for students. Not being able to use their personal devices and online accounts because of a cyber attack is more than just annoying – it could have serious consequences for their course, or their finances. 

    Dealing with the aftermath of an attack could mean students have trouble accessing their bank account, losing that essay they spent all night writing, or being impersonated and defrauded.

    Research by the government's Cyber Aware campaign shows that younger people are more likely to take risks online, so it’s vitally important to educate students about cyber security and how to stay safe online. The research indicated students are much more likely than older people to download or stream illegal content and are also more likely to “jail break” their phones.

    Know the risks

    Jailbreaking, or rooting, switches off software restrictions placed by manufacturers on a smartphone, allowing users to download and install apps that aren’t available through official app stores. But that's not all: such actions can also leave smartphones vulnerable to malicious software or applications, which can infect devices, or even delete data. Imagine the consequences of losing valuable information such as CVs, essays and photos?

    What many students don’t realise is that jail-breaking will also invalidate a phone’s warranty and can mean the student will no longer receive software updates, which often contain security patches designed to fix vulnerabilities that could be exploited by hackers.

    Behaviours like this are really putting students at risk, but the government’s Cyber Aware campaign promotes some simple steps that could really make a difference to online safety:

    • Make your email password strong and separate to other passwords. This will help protect the personal information in your inbox, which could be valuable to hackers.
    • Activate two-step authentication on your email. This provides an extra layer of security, as it means your account can only be accessed on a device that you have already registered.
    • Only use password managers to store passwords for your less important accounts.
    • Always back-up your most important data. If your device is infected by a virus, malicious software (malware) or accessed by a hacker, your data may be damaged, deleted or held to ransom by ransomware, which means you won’t be able to access it. Always make sure you have another copy of it.
    • Don’t ”jail-break" or “root” your smartphone as this can mean you no longer receive software updates designed to keep your device secure from hackers.

    For more advice on simple ways to be more secure online, visit the Cyber Aware website.



  • The Ada Lovelace effect and why women still need powerful STEM role models

    Ada Lovelace Day is an annual event on the second Tuesday in October celebrating women in science, technology, engineering and maths (STEM). 

    Ada Lovelace (1815-1852) was the first ever computer programmer – a woman ahead of her time. But in 2018 we are still urging women into careers that are dominated by men.

    It is a long-standing problem that women are under-represented at the highest levels in scientific fields.

    The disparity between genders studying STEM (science, technology, engineering and maths) subjects could partly explain the digital skills shortage in the UK and The Guardian rightly questions, why do so few girls study STEM subjects?

    Closing the skills gap

    Jisc is helping to tackle the skills shortage by encouraging members to embed digital skills into the curriculum and give educators the support they need to teach them.

    The government’s industrial strategy states: “Within two decades, 90% of jobs will require some digital proficiency, yet 23% of adults lack basic digital skills.”

    Jisc’s digital experience insights survey shows that half of college learners and almost 70% of university students think digital skills will be imperative for their careers. Yet only 41% believe their courses prepare them for a digital workplace.

    The UK is currently facing a huge STEM skills shortage. New findings from STEM Learning show that 73% of businesses have found it more difficult to hire staff in the last 12 months.

    To help counter this problem and inspire the next generations of scientists, Jisc has recently formed a partnership with STEM Learning, whereby some of our employees have become STEM Ambassadors. The ambassadors are volunteers from a wide range of STEM-related jobs and disciplines across the UK, who offer their time by visiting schools to share their experience and enthusiasm.

    The lack of female representation in science is a long-running issue, dating from before Ada Lovelace’s time. One recent study grimly suggested that gender parity in science is “generations away”, while another showed that men continue to cite other men significantly more often than women in their article bibliographies.

    We hope that our STEM Ambassadors play a small but significant part in redressing the balance.

    Why become a STEM Ambassador?

    One of our STEM Ambassadors, sector analyst Caitlin Bloom, said:

    “I enjoy working for Jisc because I like solving puzzles, I like to find out how things work and fit together and why.”

    As a child she was fascinated by space and the physical and chemical world in which we exist. But in later life she was told she couldn’t do the A-level combination she wanted to, so her dream of studying chemistry was pushed aside. Caitlin added:

    “Why was it wrong of me to want to do a subject I love just because it didn’t ‘fit’ and no additional support was available to make it happen?”

    After university, she worked at De Montfort University (DMU) and University of Leicester, where she was on the IT/TEL committees. At DMU she was also involved in the digital transformation project, working on minimum standards for virtual learning environments (VLE) and on installing Jisc's wireless network, eduroam.

    “As a STEM Ambassador I want to encourage students (and especially girls) to study the subjects they want to and to keep STEM options open to them in the future. My inspirational role models are Isaac Newton, Alan Turing and Brian Cox. It is a shame I can’t add a woman here, but I guess that illustrates the issue!” she said.

    Inspired by Ada Lovelace

    Although men typically dominate STEM fields, many women, including Lovelace, have shown that these industries aren’t exclusively for men. Lovelace’s ingenuity makes her a significant role model for young women wanting to pursue science and technology careers.

    The Ada National College for Digital Skills (named after Ada Lovelace) is a specialist further education college, tailored to help fill the country’s digital skills gap.

    The college’s head of external relations, Amy Fowler, mentioned in a blog about Ada Lovelace last year, that:

    “Only 17% of UK digital jobs are filled by women. That’s got to change and at Ada we are actively changing it by striving to recruit 50% of our students as women and 50% from low-income backgrounds. The more diversity we see in this space the more our students will internalise that background has no bearing on talent, drive and the ability to be great.”

    Could you be the next Ada Lovelace?

    If you’ve considered pursuing a job in STEM areas, you may be interested in joining Jisc as a way of inspiring, encouraging and supporting the next generation into occupations involving digital technology.

    For more about the opportunities Jisc has to offer, visit our careers page.