New Cyber Security Standards For Schools Set By DfE

The DfE published new Cyber Security Standards for Schools in October 2022 after a surge in security breaches.

The DfE advises if schools have not recently reviewed their security, it should be a priority to review it including each device on your network.

Key Points In The New Standards
  • Protect all devices on every network with a properly configured boundary or software firewall.
  • Limit only accounts that require access to perform their role to have authenticated access to data and services.
  • Protect accounts with access to personal or sensitive operational data and functions by multi-factor authentication.
  • Use anti-malware software to protect all devices in the network, including cloud-based networks.
Protecting your network with a firewall
  • Properly configured firewalls prevent many attacks.
  • The Schools Broadband All-In-One hosted solution, combines firewalls, antivirus, e-mail filtering and more in one combined system, and allows complete control and visibility of hosted firewalls.
  • Secure Remote Working is achieved with our firewall’s built-in capabilities, including FortiToken 2FA, as recommended by the National Cyber Security Centre.
  • Your firewall and network is managed and monitored 24/7, 365 days a year by our combined AI and specialist security engineers, reducing the need for expensive expert staff.
  • Network devices should be known and recorded with their security features enabled, correctly configured and kept up-to-date
  • Accounts with access to personal or sensitive operational data and functions should be protected by multi-factor authentication
  • Anti-malware software should be used to protect all devices in the school network, including cloud-based networks

Schools Broadband’s filtering and network security services protect schools from downloading applications containing malware, however schools should be wary of downloading applications as even those that don’t contain malware may be harmful in other ways, such as transferring unencrypted data.

Read the full DfE Cyber Security Standards for Schools and Colleges here.