Following an increase in phishing emails at the Abbey Multi Academy Trust in Leeds, technical director David Ryder identified a vast number of emails coming from other educational establishments and affiliates. Identifying the potential negative impact of a user ‘falling for’ a phishing email and giving away credentials, along with their ongoing cybersecurity projects, they prioritised work around phishing and mitigating the risk of a breach.
In partnership with Schools Broadband, David Ryder has created a seven-point best practice guide for schools throughout the country. Abbey Multi Academy Trust utilises the Microsoft 365 email system. Whilst some of their actions are specific to this platform, they are transferable to other email systems.
Here are three of the best-practice points they identified:
1. Mandatory phishing training for all staff – Each of our eight academies have had a training session from the head of IT services, providing awareness of phishing emails and the impact of them. This training is to be renewed annually with updated information. A version of this is also provided to students as part of ICT lessons.
2. Mail flow rules – We have created a set of mail flow rules, which we can amend manually when we have suspicious senders or content in the subject/body. This gives us granular control over email blocking.
3. Multi-factor authentication (MFA) – Microsoft offers MFA free for educational licences. Enabling this for all staff accounts across the trust means even if credentials are given away, there is much less risk of an account been accessed.
For more detail on search and destroy, mail access protocols (mail apps), phishing campaigns and training and alerts via 365 Security Centre, please click here.
For more information on Schools Broadband’s award-winning managed security service from Fortinet, please call 01133 222 333 Opt 3 or email info@schoolsbroadband.co.uk
Seven steps MATS and schools can take to prevent phishing attacks
Bob Tomblin
Following an increase in phishing emails at the Abbey Multi Academy Trust in Leeds, technical director David Ryder identified a vast number of emails coming from other educational establishments and affiliates. Identifying the potential negative impact of a user ‘falling for’ a phishing email and giving away credentials, along with their ongoing cybersecurity projects, they prioritised work around phishing and mitigating the risk of a breach.
In partnership with Schools Broadband, David Ryder has created a seven-point best practice guide for schools throughout the country. Abbey Multi Academy Trust utilises the Microsoft 365 email system. Whilst some of their actions are specific to this platform, they are transferable to other email systems.
Here are three of the best-practice points they identified:
1. Mandatory phishing training for all staff – Each of our eight academies have had a training session from the head of IT services, providing awareness of phishing emails and the impact of them. This training is to be renewed annually with updated information. A version of this is also provided to students as part of ICT lessons.
2. Mail flow rules – We have created a set of mail flow rules, which we can amend manually when we have suspicious senders or content in the subject/body. This gives us granular control over email blocking.
3. Multi-factor authentication (MFA) – Microsoft offers MFA free for educational licences. Enabling this for all staff accounts across the trust means even if credentials are given away, there is much less risk of an account been accessed.
For the next four points, click here.
For more detail on search and destroy, mail access protocols (mail apps), phishing campaigns and training and alerts via 365 Security Centre, please click here.
For more information on Schools Broadband’s award-winning managed security service from Fortinet, please call 01133 222 333 Opt 3 or email info@schoolsbroadband.co.uk
Advertisement / Campaign
GoHenry launches Money Missions, an in-app gamified education tool, to aid kids’ financial literacy
GoHenry, a pioneer in kids’ debit cards, money management and financial education, today introduced Money…
A quarter of UK universities have no plans to implement blended learning, despite student demand
One in four (25%) UK universities do not yet plan to fully implement blended learning…
To thrive in a digital-first world, graduates need to get creative
Bett 2022: Education leaders urged to unplug and reconnect at Bett
Digital skills programme extended in Birmingham
More than two-thirds of final year students would prioritise hybrid working over salary in future jobs