Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.town/notes/9qmcjni6cjastaz1">Taggart :donor: (mttaggart@infosec.town)'s status on Saturday, 09-Mar-2024 18:53:00 JST</a><a href="https://infosec.town/@mttaggart" title="mttaggart@infosec.town"><img src="https://gnusocial.jp/theme/gnusocialjp/default-avatar-stream.png" width="48" height="48" alt="Taggart :donor:" style="position: absolute; left: 0; top: 0;">Taggart :donor:</a><div><a href="https://infosec.town/notes/9qmcbo4kn5a9s8ga" rel="in-reply-to">in reply to</a></div></section><article><p>In common with other on-premise servers, this terminal server was protected by firewalls and virus software, <b>but access was not subject to Multi-Factor Authentication (MFA)</b>. MFA was introduced across the Library in 2020 to increase protection of all remote activities relating to cloud applications such as email, Teams and Word, but for reasons of practicality, cost and impact on ongoing Library programmes, it was decided at this time that connectivity to the British Library domain (including machine log-on access and access to on-premise servers) would be out of scope for MFA implementation, pending further renewal of the Library’s infrastructure.<i>Monkey</i>'<i>s paw closes</i><br><br>Spend the money. MFA your external access. Please.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2805661#notice-5565219">In conversation</a><time datetime="2024-03-09T18:53:00+09:00" title="Saturday, 09-Mar-2024 18:53:00 JST">about 9 months ago</time> <span>from <span><a href="https://infosec.town/notes/9qmcjni6cjastaz1" rel="external" title="Sent from infosec.town via ActivityPub">infosec.town</a></span></span><a href="https://infosec.town/notes/9qmcjni6cjastaz1">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Taggart :donor: (mttaggart@infosec.town)'s status on Saturday, 09-Mar-2024 18:53:00 JST Taggart :donor:
in reply to
In common with other on-premise servers, this terminal server was protected by firewalls and virus software, but access was not subject to Multi-Factor Authentication (MFA). MFA was introduced across the Library in 2020 to increase protection of all remote activities relating to cloud applications such as email, Teams and Word, but for reasons of practicality, cost and impact on ongoing Library programmes, it was decided at this time that connectivity to the British Library domain (including machine log-on access and access to on-premise servers) would be out of scope for MFA implementation, pending further renewal of the Library’s infrastructure.Monkey's paw closes

Spend the money. MFA your external access. Please.
In conversationabout 9 months ago from infosec.townpermalink

Public

Embed Notice

HTML Code

Corresponding Notice