We’ve all had it. The frustration of losing a password and trying umpteen combinations to try and access important information. This annoyance is often followed by having to remember who your childhood hero was (for some reason I always go Spiderman (I shouldn’t have told you that)) or even having to recall a ‘memorable word’, whatever that is.
Yet we do all of this because we value the security of our data. No one wants to have sensitive information plastered across the internet for unknown and often, nefarious characters to access. Unfortunately, in the current climate, our systems and passwords are not equipped to deal with sophisticated attacks; this is particularly true when we look at threats to schools in the last 18 months.
There have been more than 70 attacks on schools during the pandemic. Sophisticated hackers have followed up these intrusions with threats of data exposure and have often requested financial transactions to prevent this from happening.
Even though schools are not necessarily known for their cashflow, the brutality of these attacks knows no bounds and across the education sector we have witnessed loss of coursework, school financial records and even the release of personal details onto the dark web. Harris Academy suffered financial losses of £500k in a battle with Russian hackers in March of this year. With data being withheld, the trust was unable to submit results to the exam boards, jeopardising the future of hundreds of students.
The DfE have announced measures to combat these ever-present threats to schools. They plan to introduce tools for schools to measure their own levels of cyber security. These measures will then serve as guidance to establish positive changes to prevent cyber criminals from gaining access to their systems.
However, this process will not begin until 2022 and with many schools having to suspend all communications in and out of their premises and spending vital cash on preventative measures, how can they be proactive in ensuring they do not fall victim to malicious cyber-attacks?
Well, to begin with, we need to examine how these threats manifest and what tools are used to allow hackers to gain access to systems. Three of the key methods of penetration are as follows:
The solution? The cloud. A cloud-based system means that data is stored and secured in a central system as opposed to device-by-device. At Bromcom, school servers are hosted using our own sophisticated infrastructure which is maintained by in-house IT professionals with an acute understanding of data security. All of Bromcom’s support desk, based exclusively in the UK, are technically trained help desk engineers who are able to resolve the majority of queries upon first contact.
While many schools and trusts feel that by sharing with a third-party, they are relinquishing their control, they are in fact allowing industry experts to protect their sensitive data. This takes significant pressure off the shoulders of IT managers who would need a high level of IT and security expertise to constantly maintain and monitor an on-premises server. This transition to a third-party really does help to eradicate threats to schools.
Additionally, the cloud allows for considerable flexibility. Though teachers often bring work home with them by way of marking, they are often unable to access data securely from the confines of their own home. During the pandemic this has been an issue for schools up and down the country. With the cloud, this needn’t be an issue. The cloud essentially provides online access to school data anywhere, anytime, while retaining all the functionality you would experience in the classroom. Though there may be an assumption that this would seem less secure as data is being accessed from different locations, this is far from the case. In fact, a reliable cloud storage provider such as Bromcom, means that the valuable data recorded by teachers and support staff is stored in a central system meaning that if there is a security breach on your device, data is far less likely to be compromised. This one stop shop requires one password meaning you are not switching between programmes and having the arduous task of logging into several accounts. You can now conduct your business off campus and know that whatever is on your screen, it is protected. With our built-in BI analysis to boot, there really is no limit to what you can do.
Another distinct advantage of a cloud-based MIS is scalability. Cloud scalability means schools or MATs can increase or decrease IT resources as needed to meet changing demand. Again, this takes the pressure off the IT managers who will no longer have to relentlessly update software of hardware to accommodate new subjects, classrooms or even schools.
Cloud storage and security has never been better, and this is particularly the case with Bromcom. We continue to develop and innovate; this is evidenced by our accreditation.
As a company we are both ISO 27001 and ISO 9001 accredited. In the first instance, this speaks to the quality of our software with ISO 27001 being the international benchmark for data security software. The awarding of ISO 9001 certification is centred around quality management principles which includes strong customer focus and dedication to continuous improvement of the product. Not only do we strive to have the best products, we want to ensure we have the right infrastructure behind them to ensure that schools are never negatively impacted.
Alongside this international accreditation, we are certified by Cyber Essentials. In line with this certification, we are audit annually by an approved NCSC body to ensure our IT systems are secure and we have adequate defence in place to combat cyber threats. Finally, our CSA STAR certification was the result of a successful in-depth third-party independent assessment of our Cloud MIS.
Cyber threats to schools are not going away anytime soon. As criminals become more and more sophisticated with their attempts to gain access to computer systems, schools need to ensure they are up to the task of keeping these individuals at bay. With a Bromcom Cloud MIS, there is a single point of truth requiring one password which can set your mind at ease when dealing with sensitive data, wherever you may be.