With the education sector targeted for attacks during this pandemic period, how secure is your school’s data? London CLC’s Peter Lillington sets out some of the risks along with the latest free resources to help you manage them.
Data security is of critical concern for a school’s business operations and its robustness affects every member of the school community. This includes not only the physical school infrastructure and network, but any cloud services, policies and procedures and people’s awareness and behaviours.
During this pandemic period there have been reports of increased criminal activity online and many instances of Covid-related scams of various kinds, whether the peddling of bogus treatments and tests or the use of fake identity stolen from an unsuspecting individual to unlawfully apply for government grants. An alert aimed at the education sector was issued in September (pdf version available here), which describes the increase in ransomware attacks, looks at trends in how attackers get into their victims’ network, the crimes they commit and the mitigations organisations can take to disrupt ransomware attacks and enable effective recovery.
It’s a National Cyber Security Centre (NCSC) alert and the NCSC’s own disclaimer is worth a look:
“Any NCSC findings and recommendations made have not been provided with the intention of avoiding all risks, and following the recommendations will not remove all such risk. Ownership of information risks remains with the relevant system owner at all times.”
As it makes clear, risks will always remain, but there are things we can all do to reduce them.
With that in mind, what can schools do?
The NCSC itself is providing new guidance for governors with a useful list of eight questions for governors and school leaders to start the cyber security conversation. It also provides many infographic style resources that convey simply what schools need to consider.
Especially relevant for the current period is the home working guidance. If your school or local authorities are providing laptops and devices for families and students as well as staff it’s important that this aspect is considered.
On a much lighter note, if you get our weekly newsletter (you don’t?! Sign up now!) you may have seen a great explanation of https in comic form. Discover how cats, crabs and pugs help to explain some key concepts…
- Want to find out more? Join us on Tuesday 13 October (coincidentally also Ada Lovelace day!) 10-11.30am for our Digital Security for Schools CPD session. We’ll be exploring the issues and requirements that schools are facing in the light of new technologies and legislation, including cyber and network security, data and information security and requirements of KCSIE Annex C online safety measures.