Schools Security Policy and Audits
All schools in the UK are required to comply with safety and security legislation such as GDPR, Prevent, and Keeping Children Safe in Education.
They have a duty to protect their systems and data from threats which could compromise its confidentiality, integrity and availability and have a duty of care to their staff, students, guests and third parties using the school facilities including its devices networks and systems.
The government, via the Information Commissioners Office, https://ico.org.uk/, the National Cyber Security Centre, https://www.ncsc.gov.uk/, Ofsted, and other parties make a broad range of recommendations as to how schools and other organisations should protect their physical, human and digital assets.
The ICO say:
“organisations should have put in place basic technical controls such as those specified by established frameworks like Cyber Essentials”
Their recommendations are not a “one size fits all” so organisations must define and implement their own policy.
Cyber Distribution works with resellers to provide technical security policy, audit against that policy, and put in place clear plans to help schools move towards secure and compliant practices.