July 11, 2018
Rochester Grammar School has reported itself to the ICO (Information Commissioner’s Office) after a serious GDPR data breach (from the BBC).
An unencrypted USB stick containing data of over 1000 pupils was lost and handed back to the school by a member of the public.
This failure to follow GDPR policies has left the school open to potentially huge fines, highlighting the absolute need for not only training staff in GDPR procedures but ensuring all policies are followed – and the reasons why. For Security ANY data leaving School premises MUST be in an encrypted format.
JSL are GDPR practitioners and have helped many schools with staff training and fully understanding why it is critical to follow these legally required procedures.
For more information on GDPR Compliance in Schools please read further information HERE.
November 29, 2017
GDPR in schools, what does this mean?
Schools in the UK must act quickly to overhaul their management of personal data. The new legislation defines personal data as any information relating to an identified or identifiable natural person – this broad definition means that schools must carefully review and classify all of the data they hold. Beyond this, you will need to create new data protection policies, set up data management schemes, maintain auditable records, design and perform regular data protection impact assessments and ensure that any third party companies you work with are also in compliance with GDPR.
When will it become law?
The GDPR comes into force on 25th May, 2018.
What does this mean for my school?
You must gain the ability to rapidly detect and report on data breaches, and to find, modify or remove personal data on request and within specified time limits.
As schools are processing significant personal and sensitive data, Schools are classed as a public authority and therefore MUST designate a Data Protection Officer, to take responsibility for data protection compliance. Schools may share a DPO, or use an external contractor as long as the appointed DPO has expert knowledge of Data Protection Law and has a reasonable overview of how the school use, store and protect their data. However remember the school itself is still responsible and liable to comply to GDPR not the DPO.
Click here to see our frequently asked questions around GDPR in schools…
October 3, 2017
Technology moves incredibly quickly – so what’s the next big step? Technology enriches our every day lives but is constantly changing and adapting to suit environments. There is especially a lot of hype around security at the moment, so we will be looking at the difference between Cloud Servers V. Dedicated physical Servers and how they can work for you.
So, What is the difference between a cloud server and a dedicated server?
If you’re not sure whether cloud servers or dedicated servers are right for your environment, then we will explain the differences and point out some benefits and limitations.
If you need to optimize IT performance without the large costs associated with purchasing and managing a fully dedicated infrastructure, cloud servers are a great option. It is very adaptable and scale able, and those with variable demands and workloads. With Cloud servers you will only pay for what you use so you will also save on space, power usage, maintenance and hardware purchases. They are easier to perform maintenance and upgrades and therefore save money or resources on technical support.They will give you the benefit of infinite flexibility. You can scale resources up or down resources depending on demand, and avoid paying for idle infrastructure costs when demand is low.
Cloud servers can be configured to provide levels of performance, security and control similar to those of a dedicated server. But instead of being hosted on physical hardware that’s solely dedicated to you, they reside on a shared “virtualized” environment that’s managed by your cloud hosting provider.
A dedicated server is a physical server that is purchased and configured entirely for your own needs. Dedicated servers are great for large businesses, organizations that require exceptionally high levels of data security, or organizations that have predictable demand necessitating all of their servers running 24x7x365. Businesses using dedicated servers still need the IT capacity and expertise to manage the ongoing maintenance.
There is no doubt that Physical servers still have a place in certain organisations, and this is unlikely to change. However, if you do not have a dedicated in house team of IT professionals to manage and support your infrastructure and exceedingly high levels of data security are not required, then cloud computing could be the way to go! Cloud computing can offer resilience, easier scalability and management, security, and save you money.