It was from first-hand experience and a gleaming recommendation that initially piqued Jane Cartlidge’s interest in InVentry.
With 30th November marking Computer Security Day, it’s important for schools to know how to fully secure themselves against cyber-threats. Alan Mackenzie, a veteran e-safety consultant, talks us through the top 10 points school staff need to consider when it comes to staying e-safe.
Security has been a hot topic this last couple of weeks, with the most reported story being that of the website hosting live webcam streams of hundreds of devices whose account details had been hacked. The word ‘hacked’ is misleading in this respect, as it suggests a certain amount of effort by the perpetrators, however one could assume that many (all?) of those devices had been left at their default settings, including username and password.
Getting computer security right in a school is much trickier than doing so in a business. How much money can you spend? How much time can you devote to the problem? Should you have a regime in which you enforce, or merely guide? How do you win the cooperation of parents, principals and students? Security expert David Booth discusses the principles of information security for schools.
[As seen in the June 2014 edition of our magazine]
1. Understand Your Risk
Identify your most sensitive information and mark documents containing this data clearly as “confidential” or similar. Decide who is responsible for managing the risk. Work out how much risk you face and how much risk you want to take. Allocate security responsibilities clearly to other staff and ensure staff understand the importance of working securely.
What is BYOD? There has been a huge rise in the popularity of hand-held and tablet devices in the last few years, and some schools may allow staff to use their own personal devices to access school systems. This is commonly known as Bring Your Own Device, or BYOD, and there are advantages in allowing staff to provide their own IT equipment. However, the use of personal devices to access school systems raises a number of questions regarding the school management’s duty under the Data Protection Act (DPA). This is particularly so if the device is used to access the school MIS (e.g SIMS) or to hold any kind of staff or pupil information. It is important to remember that the school, as data controller, is still responsible for the security of the information; regardless of the ownership of the device used to access or process the data.
The risks - that BYOD device is owned and maintained by the user. This means that the school has little or no control over how, where or when it is used.
Protecting your school's IT systems, infrastructure, business and students' data is vitally important. School information is one of education's most valuable assets, and critical information such as financial data and student records can be very difficult to replace. Whilst data protection is paramount, network security goes far beyond that. Network security threats and challenges are becoming increasingly more sophisticated and difficult to analyse, having multiplied rapidly in recent years with the exponential growth of wireless and hand-held devices.
Although the internet has brought enormous benefits to schools and higher education establishments, the increase in access and usage, through a multitude of wired and wireless devices, puts immense pressure on schools’ IT systems. Growing opportunities and acceptance of students bringing their own devices to school will significantly increase this pressure. Adding to the complexity is the perpetual demand on ‘live’ social networking communication and access to information. With email viewed as one of the principle communication tools within schools, it is crucial that particular attention is paid to providing high levels of security. In order to find malicious content, this requires the network security system to work faster whilst not causing delays in time-sensitive traffic. To put the situation into perspective, the increase in numbers of educational network users and potentially harmful pieces of content are believed to be billions per minute per network, whereas, only a few years ago, users and threats could be counted in the thousands. Growth of this magnitude is likely to put interminable pressure on school security systems to adapt.
Best known for its sleek and easy to use consumer technology, Apple has made significant inroads into the field of educational ICT over the last two years.
Boasting an online store with hundreds of educational apps and Apple Regional Training Centres ready to deliver workshops on creative ways technology in the classroom, Apple has become a firm favourite with schools around the UK.
Although Macs, iPads and other Apple devices can be fantastic resources for pupils, their aesthetic design and high specification can also make them particularly attractive to thieves. Apple products have a high resale value on the open market and can easily be removed from buildings if the correct security measures are not in place over the school holidays.