Do you currently access the USI Registry System via webservices using your own student management system (SMS)?
We are making an important upgrade to the security protocols relating to the USI Registry System to minimise any security vulnerabilities. This is consistent with the Australian Government Department of Education and Training’s IT Security Policy and industry standards.
From 22 July 2018, the USI Registry System will no longer accept old versions of Transport Layer Security (TLS) protocols (known as TLS versions 1.0 and 1.1). TLS protocols provide privacy and data integrity between two communicating applications (for example, between a SMS and the USI Registry System when they communicate via webservices).
We contacted software providers on 24 April 2018 to advise them of this change and to ask them to make any necessary upgrades to their SMS software. Some software providers had already upgraded their SMS software to the latest TLS protocol (known as TLS version 1.2) and will be unaffected by this change. Other software providers are in the process of making this change to their SMS software. All SMS software that uses a webservices connection will need to have completed their upgrade by 22 July 2018.
We also recommended that software providers contact RTOs who may be affected by the change. This is particularly important for those RTOs using outdated and unsupported Microsoft Operating Systems such as Windows XP and Windows Server 2003 as these Operating Systems may not be compatible with the upgrade and may not be able to establish a secure connection to the USI Registry System. In addition, these Operating Systems may not have had security upgrades applied for several years and may have other security vulnerabilities.
Does this change affect me?
If you are not sure if this change applies to your SMS, please contact your software provider to find out more details.
If you have any other questions or concerns about USI Registry System security protocols please contact the USI Office Digital Team at email@example.com.