Children’s Early Years providers in the U.K. are being encouraged to take their first steps to boost their online defenses with first-of-its-kind practical advice produced by cybersecurity experts.
The U.K.’s National Cyber Security Centre (NCSC) – a part of GCHQ – has published its bespoke guidance for Early Years education and childcare settings, offering practitioners top tips on how to protect their devices and data from cyber incidents.
Nurseries, pre-schools and childminders are increasingly relying on technology to operate and are therefore an appealing target for cyber criminals due to the sensitive information they hold and payments they handle.
The guidance, which has been produced in consultation with major stakeholders, covers topics including setting up strong passwords on devices and accounts, how to communicate with families safely and dealing with suspicious messages.
Sarah Lyons, NCSC Deputy Director for Economy and Society Engagement, said:
“We know that incidents affecting the education sector are increasingly common, so it’s vital that all providers know how to secure their devices and sensitive data.
“As many Early Years practitioners work on their own without dedicated IT support, this guidance sets out the practical first steps they can take to protect themselves from cyber incidents.
“By following our advice, they’ll not only be keeping their businesses safe, but will also be keeping those in their care and families safe too.”
Children and Families Minister, Vicky Ford, said:
“It is paramount that early years settings have robust cybersecurity in place to help them communicate with children, families and staff delivering early education and childcare provision safely.
“Like most professions, the early years sector is increasingly reliant on technology and this new guidance will support them with protecting sensitive data and minimising the risk and detriments of a cybersecurity incident.
“Education settings are directly responsible for their own security and data protection so I encourage all early years providers to take steps to improve their resilience online.”
The new guidance aims to help practitioners reduce the chances of falling victim to a cyber attack, and to help them recover from an incident if one does occur.
The four key steps for practitioners to follow are:
- Backing up important information – identifying what data you couldn’t operate without or are legally obliged to safeguard and creating a proper back-up.
- Using passwords to control access to computers and information – switching on password protection; using strong passwords and password managers; setting up two-factor authentication and communicating safely with families
- Protecting devices from viruses and malware – turning on antivirus products and keeping IT devices up to date
- Dealing with suspicious messages (phishing attacks) – tips for spotting suspect messages and unusual requests, reporting these messages and what to do if you have already responded.
Expert guidance and advice for other educational settings can be found on the NCSC website. This includes questions for schools’ governing bodies to help with understanding of cyber risks, cybersecurity information cards for school staff and most recently blog-posts aimed at securing home learning.
The NCSC recently led a webinar about cybersecurity aimed at Early Years practitioners as part of Cyber Scotland Week. The session is still available to watch online on Education Scotland’s Glow DigiLearn platform.