10 steps to better cybersecurity and safeguarding for schools

Google Images

1. Take Ownership at Senior Level:

The Government’s statutory guidance requires that a member of the senior leadership team is made responsible for safeguarding in schools. Cybersecurity and online safety should be taken just as seriously. They should be discussed regularly with school governors and at leadership team meetings. Appropriate policies should be implemented and enforced by the senior leadership team itself.

 

2.  Establish a strong online perimeter:

Schools should establish strong boundary firewalls and internet gateways to protect school networks from cyber attacks, unauthorised access and malicious content. Cyber security controls should be monitored constantly and tested on a regular basis.

 

3. Update content filters, constantly:

People are usually the weakest link in organisations. In schools there are many young internet users with curious minds that need extra protection. Content filtering systems need to be updated constantly as tech-savvy students are capable of creating new ways to circumnavigate filters with incredible speed.

 

4. Establish solid access control policies:

Schools should establish effective processes for managing user privileges to their systems to minimise the risk of deliberate and accidental attacks. Users should be provided with the minimum level of access they need to do their job. When staff members leave the school, their access should be revoked promptly. All records should be kept up to date to prevent exploitation of old accounts.

 

5. Check third-party providers thoroughly:

Schools should ensure they vet thoroughly all third party platform providers used for to ensure their approaches to security and safety are at least as stringent as their own. Access to students, parents and guardians should be granted by teachers themselves using email addresses provided in person.

 

Google Images

6. Ensure secure configuration and patch management:

Schools should know precisely what hardware and software is being used on their networks and ensure configuration changes are authorised, documented and implemented appropriately. Devices should be set up so that only approved users can make changes. Software updates and security patches should be implemented quickly when released by manufacturers.

 

7. Monitoring and incident management:

Schools must monitor all of their systems continuously and analyse them for unusual activity that could indicate an attack. Criminal incidents should be reported to the police and other relevant authorities.

 

8. Invest in cybersecurity and online safety education:

The Department for Education requires that students are taught about online safety as part of safeguarding for schools. They should ensure that members of staff understand the risks and their own security policies covering acceptable and secure use of systems. There should be regular sessions to ensure staff and students are aware of new phishing or spoof email attacks.

 

9. Don’t forget physical security:

Schools should maintain cybersecurity defences that are appropriate to the importance and sensitivity of the systems and data requiring protection. Planning for these should include the physical security of hard drives, internet routers, servers and other devices on which data can be stored. School equipment is targeted by thieves, especially in the school holidays, so any device holding sensitive data should be encrypted.

 

10. Consider personal devices:

The National Foundation for Educational Research has found that three quarters of teachers believe smartphones make it easier for student to access inappropriate material at school. Nine in ten secondary teachers said their pupils had experienced cyber bullying. Schools should have clear policies around mobile technology and how it is used on their premises. Students should be taught about acceptable use of their personal devices, how they interact with each other on social media and where to turn for help.

source : click here

Google Images