This page outlines essential cyber security for schools to remain protected in 2023. Implementing these recommendations will give your school the technical tools you need in order to meet your responsibilities for data protection and safeguarding.
We call the six core elements of our recommended cyber security for schools measures our ‘Cyber Security Six Pack’. These are the indispensable bare minimum for any primary or secondary school.
We base these cyber security recommendations for schools on:
- Guidelines from the Department for Education
- The most recent advice for schools from the National Cyber Security Centre (NCSC)
- IT industry best practice.
Cyber Security for Schools: the Six-Pack for 2023
1 – Anti-virus and anti-ransomware protection
2 – DfE compliant backup and disaster recovery solution
3 – Microsoft 365 and / or Google Workspace backup
4 – Internet filtering and safeguarding
5 – Staff cyber security awareness training
6 – Written incident management and disaster recovery plan
Why is cyber security for schools so important?
Before we go into the details of each element of the cyber security six pack for schools, here are a few reminders of why essential for your school to have robust cybersecurity measures in place to prevent cyberattacks and mitigate their impact if they occur.
If your school in the UK suffered a cyber breach, here are some of the most common problems it could face:
- Data Breach: If cybercriminals gained access to the school’s network, they could steal sensitive information such as student and staff data, financial information, and intellectual property. This could lead to serious consequences such as identity theft, financial loss, and reputational damage.
- Disruption of Services: A cyber breach could also result in a disruption of services at your school. Cybercriminals could disrupt the school’s website, online learning platforms, critical admin systems and even the classroom interactive boards, causing downtime and preventing students, staff, and faculty from accessing essential resources.
- Financial Loss: A cyber breach could also result in financial losses for your school. This could include direct theft of money as well as the costs of investigating and remedying the breach, paying for legal fees, compensating affected parties, and repairing any damaged systems.
- Reputational Damage: A cyber breach could seriously damage your school’s reputation. Parents, students, staff, and the wider community may lose trust in the school’s ability to safeguard their personal information. They may view the school as vulnerable to additional cyberattacks.
- Regulatory Compliance: Depending on the nature of the breach, your school may also face regulatory compliance issues. General Data Protection Regulations (GDPR) and other safeguarding regulations could easily be violated. Your school might face penalties or fines for failing to protect personal data adequately.
The UK is now officially Europe’s most dangerous country for cybercrime
SOURCE OF STATISTICS: Department for Digital, Culture, Media & Sport
70
88
140
Essential Cyber Security for Schools
Our Cyber Security Six-Pack
1 – Anti-virus & anti-ransomware
What is it and why do I need it?
Some criminal groups steal sensitive data like staff salaries, school banking details or confidential information on pupils and extort money by threatening to reveal it online. This software scans continuously to keep viruses and ransomware out of computer systems.
How does our anti-virus software improve cyber security for shools?
We deploy anti-malware and anti-virus software that includes ransomware threat detection and monitoring to keep records of attacks. We will defend your systems against zero day attacks (completely new malware) by scanning and checking all files entering your school or academy’s network, without slowing down your working routines at all.
What does ransomware do? Ransomware encrypts data that will have the most impact on the organisation’s services, and can affect computer networks, telephony and websites. The data held by these services is also at significant risk, including personal information (student and staff details), financial transactions (staff salaries, payment of ESFA funds, ability to pay suppliers), details on vulnerable people (adult social care), and college and school data (admissions, at risk children). Some ransomware groups steal data before encrypting what is left, so even if you can recover from backups, they try to extort money in exchange for not revealing the data online.
2 – Backup & disaster recovery
What is it and why is it part of cyber security for schools?
This backs up all school data held by on-site servers, creating a duplicate in the cloud every day. If ransomware stopped you accessing your services or data, or if a virus damaged them, these backups could be used to create a ‘virtual server’ in the cloud and get your school up and running again the same day. Without these backups your data would almost certainly be lost forever.
How does our backup and restore software help?
Your local servers are vulnerable to cyber attacks and we can install software to defend them. Traditional backups are no longer adequate. Our backup and disaster recovery solution backs up all school data that is on your on-site servers. We carry out regular checks to make sure we can restore your services and data from backups.
3 – Microsoft 365/Google Workspace backups
What is it and why do I need it?
This makes regular backup copies of Google Email and Microsoft 365 including Exchange, OneDrive, SharePoint, and Teams. If your systems were captured by ransomware, we could make new copies for you immediately from these backups. It also has a spam filer to help remove phishing emails.
How do your Microsoft 365 & Google Workspace backups improve school cyber security?
We protect your backups with anti malware as part of our disaster recovery service. These backups are kept offline in the cloud. Should your main servers be hacked, you can keep the school running off emergency virtual servers until we get your regular services restored and back in action.
We can protect your school against ransomware, malware, phishing attempts, and business email compromise (BEC) attacks that target:
- Microsoft Exchange, OneDrive, SharePoint, and Teams
- Google Workspace including Email
First encounter detection
This advanced threat protection solution that detects zero-day threats at the first encounter instead of days later. We do this by analysing the composition of email, chats and documents instead of scanning for already-known security threats.
Protection beyond email security
We’ll proactively protect your Microsoft 365 data in OneDrive, SharePoint, and Teams.
Spam Filtering
We can configure spam filtering to suit your needs, adding another level of protection to your users’ inboxes.
Robust Reporting
We can provide clear but detailed reporting that articulates why a threat was identified as malicious.
Rapid Deployment
We can get your up and running in minutes.
Integrated Cloud Protection
We will prevent permanent data loss with automated backups 3 times a day and flexible recovery options.
4 – Internet filtering & safeguarding
What is this and why do I need it?
This blocks websites that could carry malware and sites with content that is not appropriate for your pupils. It can stop your pupils accidentally introducing malware to the school network while using the internet.
How does your internet filtering software improve cyber security for schools?
We will deploy and manage software (usually Smoothwall) that blocks websites that could carry malware, and sites with content that is not appropriate for your pupils. This keeps your pupils from accidentally introducing malware to the school network while using the internet. It provides appropriate levels of control, depending on the user.
5 – Staff cyber security training
Why do we need this?
Did you know the number one cause of successful cyber attacks is human error, in the form of getting tricked by emailed phishing attacks? Employees are sometimes lulled into a false sense of security at work, assuming company filters will prevent malicious emails reaching their inbox. Even well-informed users can have a couple of misconceptions or holes in their knowledge, and this is all it takes to fall prey to cyber criminals.
Suitable training enables your staff to recognise the newest types of phishing emails, and tests them to make sure the training is being applied in real life. No less than 89% of successful cyber breaches result from phishing emails – in other words, human error. The DfE requires you to train staff and close this loophole.
How do you train staff to improve school cyber security?
Firstly we conduct controlled phishing campaigns. We send our simulated phishing emails to your staff to evaluate how many of them are vigilant and how many fall for them. This establishes the vulnerability levels to the commonest form of successful cyber breach.
Then we train your staff in cyber awareness. Our Continuous Professional Development (CPD) workshops teach your staff:
- What kinds of information they need to protect
- How to protect this data
- What can happen with emails, passwords and applications that are not protected well enough
- How to tell a phishing email from a genuine one, and what to do about them.
Finally, we conduct another controlled phishing campaign. This tests the effectiveness of our training and highlights any users who need additional training.
Close the staff awareness loophole
Protect your organisation from within.
CPD modules ready-made
Save time and money with our tried and tested training materials and experienced trainers.
Vulnerability testing
Once you pass our controlled phishing campaigns, you can check the biggest box on your cyber security vulnerability test list.
6 – Disaster Recovery Plan
Why is this part of cyber security for schools?
The DfE asks all schools to have a Disaster Recovery / Continuity Plan, which is a step-by-step roadmap to keep your school running if you did get hacked. What are the bare minimum applications and data you would need for the school to reopen? If you needed us to restore systems from backups, what would be the order of urgency? Who would carry out each part of the plan? Your DR plan makes all these decisions in advance so you would handle an emergency the best way possible.
How will your DR Planning service help my school?
Our incident management plan will set out how your school would get back access and functionality to its IT infrastructure after suffering a cyber security breach, and also after any other unforeseen setback like a fire, flood or power cut.
When designing your school’s disaster recovery plan, we use our knowledge of your IT systems to advise you on what needs protecting, which data needs to be backed up and which operations need to be duplicated off-site.
We begin by identifying the most likely risks – and then the less likely ones. We audit your infrastructure and your school’s needs, including your server requirements, your data, what you use it for and when. We also assess if your servers are vulnerable.
We set disaster recovery goals. We define what our IT disaster recovery service team needs to get up and running immediately so your school can open to students, and what can wait for the second restoration phase. This stage of our IT disaster recovery service includes clarifying your school’s
- Disaster Recovery Time Objective, in other words how quickly systems should be up and running after an incident, and your
- Recovery Point Objective, which is the minimum of data you must not lose in a disaster.
We allocate your IT Disaster Recovery Services (DR) team within our IT experts, and work with you to set up a working group to study which disaster recovery plan structure will prove most effective, selecting vendors and budgets for the different options. There is always a play-off between safety and budget, so we will help you make an informed choice.
We monitor constantly and stay ahead of possible risks such as evolving cyber threats. We will keep on schedule with your backups, and store a copy of your disaster recovery plan safely off-site. The plan for your organisation’s IT disaster recovery services plan does not stand still. We will regularly test for new vulnerabilities and other risks.
