Schools and educational institutions are common targets for cyber attacks due to their reliance on technology and the sensitive information they hold.

According to a report by the National Cyber Security Centre (NCSC), the UK education sector has been identified as a “significant target” for cyber attacks, including ransomware and malware.

It is important for schools and educational institutions to implement robust cybersecurity measures, including regularly updating software, using strong passwords, and regularly backing up important data, to reduce their risk of falling victim to a ransomware or malware attack.

Following the publication of this report and the new DfE Cyber Security standards, we have put together a few cost effective packages to help you meet these standards and to protect your data.

The prices below are for our contract customers only and are provided at very near to cost price.

The prices for schools where no managed services agreement is in place will be significantly higher.  If you are a non-contract school, please contact us for pricing.

Icon showing servers being backed up to the cloud.

Essential – Server Backup

To meet the DfE Cyber Security Standards and the RPA Insurance requirements, you need an offsite backup.

To help schools meet these requirements, we have procured a cost effective, highly secure solution.

Cost £600 per year

a black and white photo of a clock tower

Essential – Server Security

  • 24/7 Monitoring by a team of threat hunters
  • AI-powered protection
  • Detects known and unknown file-based malware
  • Detects unknown exploits and bypass attempts
  • Attack remediation

Cost £120 per year

a black and white photo of a clock tower

Headteacher & Office Security

  • Same as the Server Security but without the 24/7 monitoring

£70 per user, per year

a black and white photo of a clock tower

Email Backup

  • Exchange Online (email, calendar, contacts)
  • OneDrive
  • SharePoint
  • Teams

£25 per mailbox, per year

a black and white photo of a clock tower

Email Security

  • Secure all email – incoming and outgoing
  • Advanced AI-based anti-phishing
  • Anti-spam filtering
  • Known malware prevention
  • Protection from zero-day malware
  • File sanitisation (CDR)
  • Malicious links protection
  • Account takeover prevention
  • Unauthorised applications detection

£50 per mailbox, per year

All of these services comply with GDPR and we are happy to submit a Data Protection Impact Assessment (DPIA) to your Data Protection Officer (DPO) for compliance purposes if required.

Still need convincing?

Watch our animated story below…  this may be a fictitious story, but similar events are happening across the UK all of the time.

Why are you recommending additional security software for the server and admin machines?

Microsoft Defender is not enough

Microsoft Defender does a good job, but it is not centrally managed or monitored.

The security software we’re recommending comes with 24/7 monitoring which will alert us of any threats.  This is crucial for servers as it will enable us to halt any ransomware encryption and ensure the school gets back up and running in a timely manner.

Schools are actively being targetted!

Earlier this year, 14 schools were impacted by a ransomware attack and sensitive data was leaked online (BBC News)

In September 2022, six schools in a multi academy trust were hit.

In August 2021, the BBC reported that six schools were hit by a cyberattack that prevented their staff from accessing their computer systems. The Isle of Wight Education Federation saw its IT systems become compromised by the ransomware attack which encrypted its data.

How will this protect my school?

  1. Early detection of threats: Our tools provide real-time monitoring and threat detection, which allows us to respond promptly to any potential attacks on the school’s servers.
  2. Faster response to incidents: When an attack occurs, our tools can isolate the affected systems and contain the threat to prevent it from spreading. This can help limit the damage and reduce downtime.
  3. Proactive threat hunting: Our tools use advanced algorithms and machine learning to identify new and emerging threats, allowing us to take proactive measures to prevent them from affecting the school’s servers.
  4. Compliance: Many schools are subject to regulatory compliance requirements, such as GDPR and RPA and our solution can help schools meet these requirements by ensuring that sensitive data is protected and that access to the school’s systems is secure.

Why do I need to backup my data?

The Reasons We Strongly Recommended It:

  • The Department for Education (DfE) Cyber Security Standards for schools and colleges recommends that backup and disaster recovery procedures should be in place to ensure that critical data and systems can be recovered in the event of a security incident.
  • A backup solution would provide the school with a reliable and secure way to protect against data loss due to hardware failures, cyber attacks, accidental deletion, or natural disasters.

The Problems It Would Address If Implemented:

  • A backup solution would ensure that the school’s critical data and systems are protected and can be recovered quickly in the event of a security incident or data loss.
  • It would also provide the school with a reliable way to meet the DfE Cyber Security Standards for schools and colleges and the Risk Protection Arrangements (RPA) membership rules for academy trusts.
  • Without a backup solution, the school would be at risk of losing critical data, which could lead to operational disruptions, reputational damage, and regulatory fines.

Some (but not all) Of The Risks to your Business If Not Implemented:

  • Failure to implement a backup solution could lead to non-compliance with the DfE Cyber Security Standards for schools and colleges and the RPA membership rules for academy trusts.
  • In addition, if the school experiences a security incident or data loss, it could result in data breaches, reputational damage, and regulatory fines under UK Data Protection law and GDPR.
  • The school could also face operational disruptions and financial losses if critical data is lost or inaccessible due to hardware failures, cyber attacks, accidental deletion, or natural disasters.