This page outlines essential cyber security for schools to remain protected in 2023. Implementing these recommendations will give your school the technical tools you need in order to meet your responsibilities for data protection and safeguarding.
We call the six core elements of our recommended cyber security for schools measures our ‘Cyber Security Six Pack’. These are the indispensable bare minimum for any primary or secondary school.
We base these cyber security recommendations for schools on:
- Guidelines from the Department for Education
- The most recent advice for schools from the National Cyber Security Centre (NCSC)
- IT industry best practice.
Cyber Security for Schools: the Six-Pack for 2023
1 – Anti-virus and anti-ransomware protection
2 – DfE compliant backup and disaster recovery solution
3 – Microsoft 365 and / or Google Workspace backup
4 – Internet filtering and safeguarding
5 – Staff cyber security awareness training
6 – Written incident management and disaster recovery plan
Why is cyber security for schools so important?
Before we go into the details of each element of the cyber security six pack for schools, here are a few reminders of why essential for your school to have robust cybersecurity measures in place to prevent cyberattacks and mitigate their impact if they occur.
If your school in the UK suffered a cyber breach, here are some of the most common problems it could face:
- Data Breach: If cybercriminals gained access to the school’s network, they could steal sensitive information such as student and staff data, financial information, and intellectual property. This could lead to serious consequences such as identity theft, financial loss, and reputational damage.
- Disruption of Services: A cyber breach could also result in a disruption of services at your school. Cybercriminals could disrupt the school’s website, online learning platforms, critical admin systems and even the classroom interactive boards, causing downtime and preventing students, staff, and faculty from accessing essential resources.
- Financial Loss: A cyber breach could also result in financial losses for your school. This could include direct theft of money as well as the costs of investigating and remedying the breach, paying for legal fees, compensating affected parties, and repairing any damaged systems.
- Reputational Damage: A cyber breach could seriously damage your school’s reputation. Parents, students, staff, and the wider community may lose trust in the school’s ability to safeguard their personal information. They may view the school as vulnerable to additional cyberattacks.
- Regulatory Compliance: Depending on the nature of the breach, your school may also face regulatory compliance issues. General Data Protection Regulations (GDPR) and other safeguarding regulations could easily be violated. Your school might face penalties or fines for failing to protect personal data adequately.
The UK is now officially Europe’s most dangerous country for cybercrime
SOURCE OF STATISTICS: Department for Digital, Culture, Media & Sport
Essential Cyber Security for Schools
Our Cyber Security Six-Pack
3 – Microsoft 365/Google Workspace backups
What is it and why do I need it?
This makes regular backup copies of Google Email and Microsoft 365 including Exchange, OneDrive, SharePoint, and Teams. If your systems were captured by ransomware, we could make new copies for you immediately from these backups. It also has a spam filer to help remove phishing emails.
How do your Microsoft 365 & Google Workspace backups improve school cyber security?
We protect your backups with anti malware as part of our disaster recovery service. These backups are kept offline in the cloud. Should your main servers be hacked, you can keep the school running off emergency virtual servers until we get your regular services restored and back in action.
We can protect your school against ransomware, malware, phishing attempts, and business email compromise (BEC) attacks that target:
- Microsoft Exchange, OneDrive, SharePoint, and Teams
- Google Workspace including Email
5 – Staff cyber security training
Why do we need this?
Did you know the number one cause of successful cyber attacks is human error, in the form of getting tricked by emailed phishing attacks? Employees are sometimes lulled into a false sense of security at work, assuming company filters will prevent malicious emails reaching their inbox. Even well-informed users can have a couple of misconceptions or holes in their knowledge, and this is all it takes to fall prey to cyber criminals.
Suitable training enables your staff to recognise the newest types of phishing emails, and tests them to make sure the training is being applied in real life. No less than 89% of successful cyber breaches result from phishing emails – in other words, human error. The DfE requires you to train staff and close this loophole.
How do you train staff to improve school cyber security?
Firstly we conduct controlled phishing campaigns. We send our simulated phishing emails to your staff to evaluate how many of them are vigilant and how many fall for them. This establishes the vulnerability levels to the commonest form of successful cyber breach.
Then we train your staff in cyber awareness. Our Continuous Professional Development (CPD) workshops teach your staff:
- What kinds of information they need to protect
- How to protect this data
- What can happen with emails, passwords and applications that are not protected well enough
- How to tell a phishing email from a genuine one, and what to do about them.
Finally, we conduct another controlled phishing campaign. This tests the effectiveness of our training and highlights any users who need additional training.
6 – Disaster Recovery Plan
Why is this part of cyber security for schools?
The DfE asks all schools to have a Disaster Recovery / Continuity Plan, which is a step-by-step roadmap to keep your school running if you did get hacked. What are the bare minimum applications and data you would need for the school to reopen? If you needed us to restore systems from backups, what would be the order of urgency? Who would carry out each part of the plan? Your DR plan makes all these decisions in advance so you would handle an emergency the best way possible.
How will your DR Planning service help my school?
Our incident management plan will set out how your school would get back access and functionality to its IT infrastructure after suffering a cyber security breach, and also after any other unforeseen setback like a fire, flood or power cut.
When designing your school’s disaster recovery plan, we use our knowledge of your IT systems to advise you on what needs protecting, which data needs to be backed up and which operations need to be duplicated off-site.
We begin by identifying the most likely risks – and then the less likely ones. We audit your infrastructure and your school’s needs, including your server requirements, your data, what you use it for and when. We also assess if your servers are vulnerable.
We set disaster recovery goals. We define what our IT disaster recovery service team needs to get up and running immediately so your school can open to students, and what can wait for the second restoration phase. This stage of our IT disaster recovery service includes clarifying your school’s
- Disaster Recovery Time Objective, in other words how quickly systems should be up and running after an incident, and your
- Recovery Point Objective, which is the minimum of data you must not lose in a disaster.
We allocate your IT Disaster Recovery Services (DR) team within our IT experts, and work with you to set up a working group to study which disaster recovery plan structure will prove most effective, selecting vendors and budgets for the different options. There is always a play-off between safety and budget, so we will help you make an informed choice.
We monitor constantly and stay ahead of possible risks such as evolving cyber threats. We will keep on schedule with your backups, and store a copy of your disaster recovery plan safely off-site. The plan for your organisation’s IT disaster recovery services plan does not stand still. We will regularly test for new vulnerabilities and other risks.