Following an increase in phishing emails at the Abbey Multi Academy Trust in Leeds, technical director David Ryder identified a vast number of emails coming from other educational establishments and affiliates. Identifying the potential negative impact of a user ‘falling for’ a phishing email and giving away credentials, along with their ongoing cybersecurity projects, they prioritised work around phishing and mitigating the risk of a breach.
In partnership with Schools Broadband, David Ryder has created a seven-point best practice guide for schools throughout the country. Abbey Multi Academy Trust utilises the Microsoft 365 email system. Whilst some of their actions are specific to this platform, they are transferable to other email systems.
Here are three of the best-practice points they identified:
1. Mandatory phishing training for all staff – Each of our eight academies have had a training session from the head of IT services, providing awareness of phishing emails and the impact of them. This training is to be renewed annually with updated information. A version of this is also provided to students as part of ICT lessons.
2. Mail flow rules – We have created a set of mail flow rules, which we can amend manually when we have suspicious senders or content in the subject/body. This gives us granular control over email blocking.
3. Multi-factor authentication (MFA) – Microsoft offers MFA free for educational licences. Enabling this for all staff accounts across the trust means even if credentials are given away, there is much less risk of an account been accessed.
For more detail on search and destroy, mail access protocols (mail apps), phishing campaigns and training and alerts via 365 Security Centre, please click here.
For more information on Schools Broadband’s award-winning managed security service from Fortinet, please call 01133 222 333 Opt 3 or email info@schoolsbroadband.co.uk
Seven steps MATS and schools can take to prevent phishing attacks
Bob Tomblin
Following an increase in phishing emails at the Abbey Multi Academy Trust in Leeds, technical director David Ryder identified a vast number of emails coming from other educational establishments and affiliates. Identifying the potential negative impact of a user ‘falling for’ a phishing email and giving away credentials, along with their ongoing cybersecurity projects, they prioritised work around phishing and mitigating the risk of a breach.
In partnership with Schools Broadband, David Ryder has created a seven-point best practice guide for schools throughout the country. Abbey Multi Academy Trust utilises the Microsoft 365 email system. Whilst some of their actions are specific to this platform, they are transferable to other email systems.
Here are three of the best-practice points they identified:
1. Mandatory phishing training for all staff – Each of our eight academies have had a training session from the head of IT services, providing awareness of phishing emails and the impact of them. This training is to be renewed annually with updated information. A version of this is also provided to students as part of ICT lessons.
2. Mail flow rules – We have created a set of mail flow rules, which we can amend manually when we have suspicious senders or content in the subject/body. This gives us granular control over email blocking.
3. Multi-factor authentication (MFA) – Microsoft offers MFA free for educational licences. Enabling this for all staff accounts across the trust means even if credentials are given away, there is much less risk of an account been accessed.
For the next four points, click here.
For more detail on search and destroy, mail access protocols (mail apps), phishing campaigns and training and alerts via 365 Security Centre, please click here.
For more information on Schools Broadband’s award-winning managed security service from Fortinet, please call 01133 222 333 Opt 3 or email info@schoolsbroadband.co.uk
Advertisement / Campaign
Thousands of adults to benefit from new STEM training
Thousands of working adults will soon benefit from free courses that will help them to rapidly…
Here’s what the education sector can learn from gaming
The public often puts gaming in a very specific corner – saying, “Gaming is harmful…
Inadequate teaching of political literacy “weakens our democracy” – report
Covid catch up requires more tech training, better broadband and wellbeing support
Your STEM Courses, Your Way
University of Dundee bids to cement STEM interest among local girls