The next academic year is just around the corner and new security challenges are sure to present themselves along the way. The previous year saw a number of emerging and growing concerns, ranging from physical dangers including the rise of weapons in schools, to cybersecurity and a proliferation of ransomware attacks against public bodies such as the NHS. As students across the UK head back to the classroom, educational facilities must conduct their own security health checks to ensure they are effectively safeguarding their students and staff.
This will be no easy feat; it is imperative that educators themselves are fully informed regarding the convergence between physical and cyber threats. Creating a bespoke mitigation strategy, encompassing a thorough review of all systems to effectively tackle the double-threat, is of critical importance this coming academic year.
Preparing for the year ahead
The incoming General Data Protection Regulation (GDPR) is redefining the way security and data protection is approached in education. The new regulation is set for implementation in May 2018 and enforcement will follow thereafter; the rules concentrate on securing Personally Identifiable Information (PII), with severe non-compliance leading to fines of up to 20 million euros, or 4% of a company’s annual turnover, whichever is greater. The GDPR has been developed to maintain the privacy of individuals in the digital age, guaranteeing organisations are protecting systems against internal or external breaches that could leak private data, such as student images or exam paper material.
To aid education professionals looking to assess the current state of their CCTV and associated security systems, NW Systems has created a dedicated technical checklist as an indicator of whether a more in-depth analysis is required. The checklist includes pointers such as ensuring any security provider has been vetted for their own data protection and cyber security compliance. Performing this due diligence is a vital step in supply chain security – if a breach occurred and it was the fault of a supplier, the educational facility would still be held responsible for the attack under GDPR and would therefore be at risk of hefty fines and reputational damage.
Consequently, it is of utmost importance that data is sufficiently protected through strong cyber and physical security methods. Cyber-attacks are making almost daily headlines, meaning the need to strongly secure a network is becoming more apparent. This includes any device that functions on a network, such as IP video cameras and access control devices. As these technologies often create PII, they are becoming a much greater target for cyber-criminals. Mitigating risks such as these can be as simple as using strong and unique passwords, but also includes conducting risk assessments and determining possible threats
Assuring our security and yours
As organisations search for reassurance that their partners are also conducting such assessments, schemes such as the Cyber Essentials certification are likely to grow in popularity. NW Systems is Security Systems and Alarms Inspection Board (SSAIB) approved, and has also recently achieved its Cyber Essentials and Cyber Essentials Plus certifications. This not only helps assure our own security, but also means we are armed with the knowledge, systems and processes to ensure the security of others.
A large proportion of education institutions are already aware of the benefits of using security systems on an existing IT network. With a growing number of regulations relating to the use of this technology, ensuring compliance is becoming more important as time goes on.
Use the CCTV & Security Best Practice and Compliance 8-point checklist in our latest whitepaper to determine if your establishment is ready for the new academic year.