As schools gather their Teacher Assessed Grades (TAGs; We do like a good acronym in education) it got me thinking about cyber security.
The two potential key issues I see in relation to TAGs are:
- Loss of access: So, this could be deletion, ransomware or some other issue which means the school doesn’t have access to these important grades and therefore is unable to provide them to the relevant exam boards.
- Manipulation of grades: This would be an individual, internal, or external, gaining access to the grade information and manipulating it either for someone benefit or simply to cause mischief.
For this post, lets focus on loss of access: So, what measures can a school take?
The key mitigation measure for loss of access is backup. We need to ensure a backup is kept separate to the main systems on which the data is stored. So, if the data is being stored in the schools Management Information Systems (MIS) then ideally there should be an exported copy stored in Office 365. By keeping it in a separate system, we hopefully avoid any potential issues which might result from a significant problem with the MIS followed by issues recovering the MIS from its own backup. As our data backup is in a separate system, we would be able to deal with this scenario.
Ideally, we also want to keep copies geographically separate, so maybe stored on a separate site or using a cloud-based solution. We may also choose to use a removable media solution to “airgap” our backup.
The key thing for me is that there is no one single solution. You need to consider the risk, the available mitigation options, and their cost, in terms of financial costs, time, staffing, difficulty/complexity, etc. and then decide what works for your school. For example, removable media may help in terms of air gaping our backups, but it also would incur costs in terms of time to remove, replace and store the tapes/drives in use. If staff is limited this may therefore me a less appealing option. It is also about avoiding reliance on a single process/solution. So, having tape backup as a single solution is unlikely to be sufficient. You should be layering the various backup options to arrive at a solution which is appropriate to your resources, your data, your finances, etc. while reducing the risk of any single point of failure.
The other point I think is important to make regarding backups is the need to test them. All too often the only time backups are tested is at the point when recovery is required due to an incident. It is at this point that we can least afford backups to fail. As such it is important to test backups to make sure they work as they should, that you are aware of the processes and aware of any potential pitfalls. By doing so, you can be reasonably assured that when you truly and urgently need them you will know what do to and can be confident in the likely success of recovery processes.
Coming up with your school’s solution to backup doesn’t need to be complex. It is about considering different scenarios and the mitigation options and then identifying what is right for your school based on its needs and its appetite to risk. As I have often commented, it is all about risk management.
A little bit of a technology post today: Backups including redundant solutions are increasingly important in organisations as we seek to keep our IT services up and running for our own internal users and also for external users or clients/customers. This might be taking backup copies of data to tapes, having a redundant firewall or internet connection or having a cloud-based service available to replicate on-premise services in the event of a disaster. My concern however is that we can feel better for having these solutions in place happy in the knowledge that we are better off and more protected than if we don’t have them. The issue is that this sense of additional protection is false. Just by having a backup solution of one type of another doesn’t mean that it will work when things go wrong. We also need to be cognisant of the fact that when things do go wrong the result is often one of stress and urgency as we seek to restore services while under pressure from users, business leaders and process owners among others. We need to adopt a scientific mindset and test the backup solution to make sure it works as intended. It is much better to test our backup solutions to a timetabled plan than having the first test of a solution being a full blown real life incident where failure of the system could result in difficulties for the organisation. We also need to bear in mind that just because it works on the day the solution was put in place, or even works today doesn’t mean it will work in a weeks or months’ time, or in a years’ time when we truly need it. We need to have a robust programme of testing our backup solutions to ensure that they work, that we are aware of how they work and any implications and that those who need to use them are comfortable with their use. Only by doing this can we be more comfortable in the knowledge that, when something does go wrong, we have a solution in place and are ready to put it to use.
The perfect example of the above, for me, was a recent test of our own backup solutions which included a service which indicated that recovery to a redundant system would be complete in 4 hours plus would be based on data backup taken regularly. Upon testing the solution we found that the 4 hours recovery period was exceeded due to issues with the backup and the data was 3 days old. We also found that there were implications for other systems when the test failure occurred.
Technology and Learning