Securing your Schools Data

Following the below steps will ensure that your school is secure and your data is protected:

Set up Unique Identities

All schools must ensure that each staff member has their own unique online identities, their own staff email account in Microsoft Office 365.

Staff should never share email addresses or online identities, such as Head@, Bursar@ and ITCoord@. This helps ensure that access to online systems is kept secure. Watch our short video to learn why unique identities are so important.

Role-based email accounts should not be used to access systems and services where personal, sensitive, or confidential information is accessed, uploaded, or stored.

Watch the below videos to learn why unique identities are so important:

For more information and advice on implementing unique identities, please visit our How to Set up Office 365 Identities support page.

Set up Shared Mailboxes

Turn generic mailboxes into shared mailboxes.

Never use generic email address to set up accounts which contain sensitive data, generic mailboxes tend to be in the public domain and have a greater chance of being compromised, there is also the risk that other staff can gain access to this account if the email address is used by multiple people.

For more information and advice on how to set up shared mailboxes, please visit our How to Set up Office 365 Identities support page.

Enable Multi-Factor Authentication 

Ensure that Multi-Factor Authentication is set up and working

Multi-factor authentication (MFA) is a multi-step account login process that requires users to enter more information than just a password. A code sent to a separate device will be required, if the users credentials are compromised when an attempt is made to access the account the code will be required which the compromised attempt will not have access to.

Multi-factor authentication (MFA) increases the security of staff accounts and can protect your school from many cyber threats such as hacking, social engineering, phishing and pharming.

Watch video three - Making Unique Identities and Multi-Factor Authentication easier to use in Schools: 

 

Set up Conditional Access 

This additional step allows multifactor authentication checks to be passed without entering a code when set parameters are met. E.g. it recognises the schools IP range or an approved device. If a device away from the school tries to log in, the MFA check will be required and will stop unauthorised log ins.

For more information and advice on implementing unique identities, please visit our How to Set up Office 365 Identities support page.

Microsoft EES Licensing

We provide schools with the opportunity to access cost effective licensing for Microsoft Software and Cloud Services with our Microsoft Annual Licensing Service.

  • Schools are increasingly using Multifactor Authentication (MFA) to protect their ICT systems and data. The A3 licence provides an additional enhancement to MFA called Conditional Access.

  • Conditional access can streamline the use of MFA, reducing the number of times users are prompted to authenticate using a second factor.

  • It works without compromising the enhanced security protection that MFA provides. A good example of this is using conditional access to only prompt for MFA when accessing outside of school.