Take our free
Cyber Security Review

We understand the pressure of managing your IT system – the external threats it faces, as well as risks posed by BYOD. Then there are the patches, passwords, backups and upgrades that are vital to day-to-day security.

Our secure online survey can help you understand possible weaknesses and identify the steps to address them. It gives instant tips and knowledge based on your responses, plus you’ll receive a free personalised action plan to help you prioritise your approach to securing your school’s digital environment.

You may also be interested in taking our Online Safety Review and Data Protection Review for further advice.

1 of 9

Have you got a firewall in place to protect your network?

Advice, tips and knowledge

A Firewall ensures that you are managing access to ports, protocols and applications by filtering and inspecting traffic at the network perimeter to ensure that only traffic that is required to support your school is being exchanged.

They create a buffer zone between the internet and your own network.

Firewalls need to be carefully managed in a controlled way so that they do not expose parts of your network without the necessary security controls.

Letting your ISP manage the firewall is a cost-effective and safe way of implementing a firewall, as it will be managed by fully trained experts who can also help you avoid making mistakes by giving you advice on how to open ports in a secure way. It also means that you don’t need to worry about the maintenance or replacement of those firewalls when they reach the end of their supported life.

You need to ensure that the person managing your firewall has the necessary training to ensure that it is correctly implemented and managed. It can be easy to change a setting that actually decreases the security of your network.

Some ISPs, such as RM, will also protect you against DDoS attacks, which most standard firewalls will not do without substantial cost.

Without a firewall you may expose your network to a number of threats and allow an attacker to exploit your systems, steal information or import malware into your network.

2 of 9

Do you regularly check what ports are open on your firewalls and that internet-facing services are properly secured?

Advice, tips and knowledge

It is essential to understand which parts of your network can be accessed from the internet. There are many circumstances where you allow this to occur, such as when you want your users to be able to access resources on your network from home, but this needs to be done in a secure manner.

It is also possible that some internet-facing services may contain vulnerabilities that would allow an attacker to gain access to your network. Conducting vulnerability scans is one way to identify what internet-facing services you have and how vulnerable they may be to attack.

It is good practice to review which ports are open and what internet-facing services you have, but it is also important to understand how secure those services are and whether they have any vulnerabilities that may give an attacker an opportunity to gain access to your network.

It is essential that you understand what internet-facing services your network has.

Unmanaged or insecure services may expose your network to attackers and allow them to get easy access to your data or infect your network.

We have already seen examples in education where there has been a substantial data breach due to insecure internet-facing services.

3 of 9

Do you have separate administrative accounts from your standard accounts so that they aren’t used for everyday tasks such as reading emails or browsing the internet?

Advice, tips and knowledge

If your administrators use their admin accounts for everyday tasks, then the impact of misuse or compromise will be more severe than it needs to be.

Accounts that open emails and access web content are more susceptible to common cyber attacks. Should this happen on an admin account, the attacker may be able to access the entire network, all of the school’s data or compromise servers and devices.

Once an attacker has the credentials for an admin account they could change security and account settings to effectively lock the school out of their own network.

Separating your admin accounts increases the security of your network.

It is recommended that you don’t use your admin accounts for any email or web browsing activity.

4 of 9

Do you have additional security on your administrative accounts or those with access to sensitive documents such as Multi-Factor authentication and audit logs?

Advice, tips and knowledge

Your admin accounts have access to global settings that give them the ability to make changes across the whole network and access all your resources.

Credential theft is a big risk: should an attacker manage to get access to your admin credentials, they then have access to your whole network.

Multi-factor authentication ensures that even if the credentials for your admin account are stolen, there is an additional barrier that attackers must overcome to gain entry to those accounts.

You may also have users in your school who have access to highly sensitive data. It is good practice to ensure that those accounts also have multi-factor authentication, so that should their credentials be stolen, through a phishing scam for example, the attackers cannot easily gain access to that data.

5 of 9

Do you restrict what software can be installed and which settings can be changed by your users?

Advice, tips and knowledge

Allowing your users to install software can be a security risk, as some software may have security issues or vulnerabilities that you are unaware of – this is particularly the case with much of the free software that is downloaded from the internet. This software may be passing sensitive data to third parties or leaving your devices open to access by attackers. It is also important that your users can’t change certain settings that may make the device less secure. Restricting these settings also means that if an attacker does manage to take control of the device, the amount of damage they can do is contained and limited.

Students are more likely to install malicious software, but even staff members may inadvertently download a piece of insecure software or change a setting that makes the device less secure. Staff also tend to have access to sensitive data, which could be at risk if the device is compromised.

6 of 9

Do you have next generation anti-virus and anti-malware software installed on all devices that connect to your network?

Advice, tips and knowledge

Traditional anti-virus and anti-malware solutions rely on a signature database to decide whether a file or URL is malicious: they check new files or URLs against that database to see whether they are known threats.

This type of software can struggle with the attacks we see on a daily basis, in which attackers frequently create new signatures in an attempt to defeat the anti-virus software. Next generation anti-virus and anti-malware software uses those signatures and also looks for similar files, where small changes may have defeated traditional anti-virus; this more intelligent approach broadens the view of what may also be a threat.

These products also commonly use a sandbox approach: files are opened in the cloud to monitor their behaviour, and any file that looks suspicious is quarantined. The same approach is used with URLs to see if the website is malicious.

This approach ensures that your users are protected against a wider range of known and unknown threats.

Free anti-virus software is often free because the company providing the software will use the data to help enhance their paid-for versions. You should ensure you understand what personal information may be shared with these companies.

7 of 9

Do you protect your email and cloud storage accounts against malware and phishing attacks?

Advice, tips and knowledge

The current threat landscape points to email and malicious websites being the biggest cyber security threats to your users.

Whilst it is good practice to tell your users not to open emails from people they don’t know, open unexpected attachments or click on web links that they aren’t sure of – human nature means that it is easy to do all these things without even thinking about the security implications.

Adding an additional layer of security and preventing malicious emails getting through to your users in the first place is a far safer strategy than hoping your users are on alert at all times.

Your email security should also protect your users against potential phishing attacks or email fraud.

Relying on device-based software means that your users could be at risk if they use their own devices to access your school email. Without the additional layer of security on your email, your users could be subject to fraudulent emails leading to credential theft or data loss. It could also put their devices at risk of malware.

8 of 9

Do you regularly roll out patches and updates to your servers and devices whilst maintaining a disaster-resistant backup?

Advice, tips and knowledge

Schools will need to have a secure baseline build for all their devices and any functionality that does not support a user or school need should be removed or disabled.

Critical updates to operating systems, browsers and email should be deployed within 14 days.

All other security updates for other software should be deployed within 28 days.

You may want to use automated patch management and software update tools to help you stay on top of these things. Only supported versions of software should be used.

9 of 9

Do you have any servers or devices that are running Operating Systems such as Windows Server 2003 or Windows XP?

Advice, tips and knowledge

The latest versions of Windows Server 2016 and Windows 10 offer an enhanced set of security features and are by design more secure than the previous versions. The operating systems also get regular updates that patch potential vulnerabilities much more quickly.

Using older operating systems means that your devices are less secure and if they are no longer supported then they are also not likely to be receiving any security patches. This puts them and the data they have access to at risk.

You should keep an eye out for information from the providers of the software so that you can plan migrations and upgrades carefully to ensure you are always on a supported operating system.

Complete

Enter your details to receive your
free personalised action plan.

Your personalised action plan gives you guidance on how you can improve your security provision, to one that is aspirational and innovative.

Thank you for taking time in completing our survey.
