Independent schools are an increasing target for ransomware attacks, so it should remain top priority to check that you are up-to-date with recommended measures to protect your school from these serious risks.

And an increased number of schools are suffering from ransomware attacks.

Ransomware is a type of malware that prevents you from accessing your systems or the data held there, by encrypting your data in exchange for money to get access back.

The latest research by London Grid for Learning (LGfL) – in collaboration with the National Cyber Security Centre (NCSC) – shows that:

“78% of schools said they had experienced at least one of the types of cyber security incident mentioned in the audit which means the threat is still out there. In particular, ransomware attacks continue to increase across the sector. Schools are now looking at their contingency planning for a cyber breach or attack, with 49% stating they have appropriate documents in place.”

And, replying to our enquiry, LGfL stated that independent schools participated in the audit, and that:

“the stat that is particularly pertinent is about parents losing money because that kind of scam is mostly likely to have larger impact on independent schools due to the regular large sums of money in fee transactions.”

Free guidance documents such as Elevate are available here.

Protect your school

Here is a list of measures you should regularly check are being followed with the latest recommendations

  • Strong passwords
  • Use software with Two or Multi Factor Authentication (2FA /MFA)
  • Use the most up to date version of your software
  • Install and enable Antivirus software
  • Implement strategies to prevent phishing and ransomware attacks

It’s also recommended that schools have up-to-date and tested offline backups, so if the network is taken down by a ransomware attack, it can be restored.

The NCSC’s Exercise in a Box tool helps schools to check how well-prepared they are for the most common cyber attacks.

Enable effective recovery

Although there are a variety of measures that can be taken, it is not always possible to prevent all attacks. This is why it’s important to have a working backup strategy with regular restore testing and a clear disaster recovery process.

In case the worst does happen, there are several things it is important to have in place to mitigate the damage:

  • Take backups frequently and regularly
  • Store backups for as long as possible
  • Have a disaster recovery plan in place
  • Invest in cyber insurance (this is significantly cheaper if your software has 2FA)

The Response and Recovery guide from NCSC can help schools get back on their feet.

Taking security seriously – for WCBS and customers

Security is always under constant watch. We take this very seriously and the first step to provide reassurance that we develop software in a way that takes our customers’ security seriously.

Security is not just about technology though. A key aspect of this is educating our own staff and also educating our customers about security best practices.

WCBS puts PASS in the cloud

With PASS-hosted, WCBS hosts your passFINANCE data on our cloud-based servers. A highly secure platform, it enables users to access passFINANCE remotely via a browser, from any place at any time.

Watch this short video to learn more from Antony Woodhams, Chief Technology Officer at WCBS with John Cannon, Sales Director taking you on a step-by-step demonstration of how PASS-hosted works. Alternatively, contact us for more information.