From 1st September 2023 there will be some changes to our policy for secure access and authentication protocols – changes which will apply to Jisc e-books for FE.
Improving member security
Federated Access is Jisc’s gold standard for access management and has benefits across multiple areas of your organisation, including:
- Strengthening cyber security
- Improving student experience
- Ensuring a robust privacy and data protection strategy
- Fostering international or remote collaboration and more
The mandate for federated access has not been strictly enforced in recent years; as a result, we have seen lower levels of mitigation being used by colleges when sharing personal data.
Additionally, personally identifiable information is being unnecessarily handed over to service providers, causing headaches for DPA and GDPR teams, while incurring security risks for the institution.
Also, this has led to some organizations deprecating their SSO standards, resulting in clunky and confusing log-on experiences for staff and students.
To help improve security standards for our members and ensure slick single-sign-on solutions are in place, access to Jisc’s e-books for FE collection will require federated access from 1st September 2023.
You will require federation-compliant identity provider software in place by this date. Please note that Microsoft authentication, including Azure Active Directory, is not currently compliant with federation guidelines and therefore does not meet this mandate. You can still use Azure Active Directory, but it must be proxied through an identity provider which is compliant with UK federation standards: see UK Federation documentation on IdP Proxying
Likewise, the patron log-in method provided by ProQuest via LibCentral, which requires personal identifiable data to be submitted, will not be accepted from 1st September 2023.
The ProQuest technical team have been informed of this mandate.
The majority of FE members are using federated access to authenticate into the e-books collection already: if your organization is one of them, just make sure you continue to do so.
If your library or IT department is planning a change regarding authentication methods, please talk to your Jisc relationship manager first so they can help ensure it complies with this policy.
I’m not using federated access … what next?
- Contact UK Federation Helpdesk – our dedicated team will be able to help you understand which IdPs (identity providers) you can use, whether there is something you’re currently running that can do the job, and advise on how best to get yourself set up. The helpdesk is included as part of your core Jisc subscription.
- Call on Trust and Identity Consultancy Support – if you don’t feel you have the skills or resource to tackle this yourselves, you can also call on our Trust and Identity experts to help you out, whether it’s a one-off project or keeping retained expertise on hand, throughout the year.
- Consider a managed service – if managing this yourself sounds like a lot of hassle, and you’d rather utilise a managed service, don’t worry: Jisc can offer this via OpenAthens, who offer some particularly helpful features for library staff.
- Alternatively, there is a list of other 3rd party support providers available here.