Rezolution ICT Ltd operates in full compliance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act (DPA). We are registered with the ICO. (Information Commissioners' Office) - ICO. Certifcate ZB320690
Find out what standards your school or college should meet on cyber security and user accounts.
Cyber incidents and attacks have significant operational and financial impacts on schools and colleges. These incidents or attacks will often be an intentional and unauthorised attempt to access, change or damage data and digital technology.
They could be made by a person, group, or organisation outside or inside the school or college and can lead to:
What is the difference between these standards and Cyber Essentials?
These standards are for all schools and colleges to help build their cyber resilience. They address the core principles of cyber governance, processes and strategy.
Cyber Essentials is a government-backed certification that happens on an annual basis. It provides a level of assurance to organisations across all sectors – not just the education sector – on the technical elements of their cyber security.
Whilst the Cyber Essentials certification is not a requirement, some schools and colleges may wish to complete it as part of their cyber security activities. These standards can help you work towards certification. However, it is for the senior leadership team (SLT) to decide whether Cyber Essentials is right for your school or college now, and in the future.
The new Standards (Link)
Filtering and monitoring standards for schools and colleges
Please see our Internet Safety page
Please see below link for an NCSC Cyber security training video with a downloadable certificate available upon completion
https://www.youtube.com/watch?v=pP2VKWSagE0
Main Pages
https://www.ncsc.gov.uk/information/cyber-security-training-schools
https://www.ncsc.gov.uk/blog-post/ncsc-cyber-security-training-for-staff-now-available
Training Page
https://www.ncsc.gov.uk/training/v4/Top+tips/Web+package/content/index.html#/
The four topics you will cover are:
Rezolution ICT are "Cyber Essentials" certified. We have achieved this every year in business. 2022, 2023 and now 2024.
Certificate Number: a2986778-f4ad-49d0-886c-601a9b7feb00
(updated July 2024)
Link to Certificate 2024 (external link)
What is Cyber Essentials?
Cyber Essentials is an effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks. Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. Our advice is designed to prevent these attacks.
As as DfE Standard we are actively recommending our customers use 2FA where ever possible for access to systems which hold sensitive school data. This includes Microsoft 365 logons. (We have successfully implemented 2FA for all staff 365 logons at our regular visit customer sites)
We enable additional email security for our customers as per recommendation by the NCSC. We are currently moving our schools to a DMARC quarantine then reject policy.
https://www.ncsc.gov.uk/collection/email-security-and-anti-spoofing
We are currently performing this audit in all our schools. The criteria is taken from a mix of Cyber Essentials and DfE Security recommendations.
We have created a document to assist our organisation and our customers with regard to such an Incident. This includes all types critical incidents where ICT Systems and/or data is affected. This is to compliment a customers existing Disaster Recovery Plan or Cyber Incident Response Plan.
These documents have already been sent to our customers as part of our welcome pack but If you need a further copy please let us know.
Data Processing Agreement
Data Protection Policy
Privacy Notice
Risk Assessment - Method Statement
SLA - Regular Engineer Visits
ICO. Certifcate ZB320690
Police CyberAlarm monitors the logs of traffic seen by a member’s connection to the internet. It will detect and provide regular reports of suspected malicious activity, enabling organisations to minimise their vulnerabilities. The data collected by the system does not contain the body of the traffic. The system is designed to protect personal data, trade secrets and intellectual property.
Members of Police CyberAlarm will become part of the wider UK cyber defence network, sharing collected data with police for analysis at local, regional and national levels to identify trends, react to emerging threats and identify, pursue and prosecute cyber criminals.
Vulnerability Scanning can be added and used to scan an organisation’s website and external IP addresses, providing regular reports of all known vulnerabilities.
Data received by the Police CyberAlarm Server is then used to create regular reports on potential malicious activity seen by individual members as well as reports containing threat trends seen across the member network. Members can then use this reported intelligence to update their defences to better protect themselves from cyber threats.
Finally, this data is also used by the police cyber crime units to enhance the UK cyber crime threat picture, enabling them to identify, pursue and prosecute cyber criminals.Police CyberAlarm was initially launched as a pilot in the North West, North East, East Midlands and South Wales before being rolled out nationally making it available to forces in every region in the UK to offer to businesses.
Since Police CyberAlarm launched it has identified over a billion potential malicious incidents resulting in reports and advice being given to members, enabling them to take action to prevent a successful attack.
Registering for the Police CyberAlarm is a requirement of the Risk Protection Arrangement (RPA) for schools (this does not include running the software, purely registration)
To register please use the link below
More information
https://www.ncsc.gov.uk/information/regional-organised-crime-units-rocus
Rezolution ICT Ltd are registered with Police CyberAlarm