Cyber security attacks are now commonplace in the news headlines and are impacting both multinational corporations and small business alike.
This has resulted in an unprecedented increase in the levels of ransomware and cyber-attacks in the education sector and has highlighted the need for all schools to have robust cyber security measures in place. To support this, the DfE and National Cyber Security Centre have provided comprehensive guidance to schools about the levels of protection and controls they should have in place. Unfortunately, this detailed advice can be overwhelming, and crucial measures are sometimes missed. Virtue Technologies takes cyber security very seriously and we want to help schools understand and implement controls and to mitigate the risk of an incident.
Any cyber security incident can affect your school’s ability to function. It’s not only the security of your data that is at risk; your reputation can be significantly damaged too, in the age of sensationalist news stories and social media gossip.
Our expertise and years of experience in education means we can help you to make sense of all the guidance, and identify the vulnerabilities in your security, so they can be fixed.
We work with Multi Academy Trusts and schools of all sizes to deliver tailored solutions which significantly reduce the risk of these incidents occurring, whilst supporting compliance with the government guidelines.
Cyber Security Review
The cyber security requirements from the DfE, National Cyber Security Centre, Insurances Companies and other bodies are increasing the need for schools to manage a growing number of controls to manage their cyber risk.
Our Cyber Security Review collates all these requirements into a single pack to help schools understand the full range of controls that should be in place and assesses their approach against each requirement.
The review is interview based and explores the controls in place to mitigate a cyber-attack by working though the applicable requirements. This includes areas such as:
- User Awareness,
- Boundary Protection
- Secure Configuration
- Update Management
- Data Protection
- Administration Access
- Strategy and Planning
We will then present the findings back to the school in a short presentation, offering practical recommendations and a written report. We will also re-visit 6 months later for a further review, to help the school or trust demonstrate their progress.
The Virtue Cyber Security Review is set out against the key themes identified by the DfE and National Cyber Security Centre: seek out information, raise awareness, and improve preparedness.
Cyber Security Configuration Review
The Virtue Cyber Security Configuration Review provides assurance that your school or Trust’s IT and online systems are protected from unauthorised access or change and do not present an unauthorised entry point to your network, minimising the risk of being compromised by malware, ransomware or other malicious activity.
Individually tailored to your school(s), we will carry out a technical review of your overall estate and provide a health status dashboard complete with recommendations for any required remediation. Configuration checks will be carried out against external and internal systems and will include vulnerability scanning and penetration testing. Checkpoints included in the review are:
- Firewall and internet gateways
- Web filtering
- PEN testing
- Remote user management
- Asset and patch management
- Administrative account configuration
- Endpoint and anti-malware protection
- USB device control
- Vulnerability and exploit management
- Backup configuration
- Legacy equipment review
- MFA, AD & group policy
- Device security
- Change management
- Remote users
- Server hardening
- Network protocols
- Physical infrastructure security
Presented in report format your review will provide a clear summary of the number, type and severity of any identified issues with vulnerabilities accurately identified and associated with a remedial solution. To help understand the health of the estate the report will illustrate risk through a RAG Review Dashboard and be presented in two main sections together with an Executive Summary.
- Recommendations based on the outcome of the configuration check.
- Detailed report showing risk as a result of the internal and external software scans.
Where appropriate, we can then assist you to rectify any of these issues. We will also provide expert technical advice, support and service at all times during the process.
Cyber Security Solutions
We work closely with Sophos to provide a wide range of robust cyber security products and fully managed services such as:
- Server Security
- Unified Threat Management
- Data encryption
- Endpoint antivirus
- Phishing Protection
Related case studies
Read some of the challenges we've helped our customers overcome
Bedford High School
The cyber security requirements from the government are increasing the need for schools to manage a growing number of controls to manage the cyber risk.Download the case study
Following issues with their original provider, it became imperative that their IT support move to a provider who could help them navigate their licenses, in a straightforward manner.Download the case study
Two Counties Multi-Academy Trust
Two Counties MAT were a brand new customer to Virtue when we helped them migrate their email and data from on-premise to Office 365, enabling the deployment of a Trust-wide backup policy.Download the case study