Information security and data protection are important issues for schools, MATs, colleges and other organisations. It is important that policies and practices around managing personal data are clear and well understood.
The EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 set out the data protection rules relating to the processing of personal data.
The GDPR defines how organisations (including schools, MATs and colleges) can store, use and send information relating to data subjects (including children, parents, staff).
Advice and Guidance
Advice and guidance to help schools, MATs and colleges better manage personal data
Understand the GDPR
Simplified summaries to help schools understand their obligations and the rights of data subjects
Data Protection Guidance
The SWGfL GDPR Guidance provides advice and guidance to help schools, MATs and colleges better manage personal data, and should be used alongside policies and practices already in place.
It is intended to assist schools, MATs and colleges with understanding the GDPR and with identifying steps that can be taken to improve data protection; it is not intended to provide legal advice and schools, MATs and colleges should seek their own legal advice when considering the management of Personal Data in alignment with the GDPR and the Data Protection Act 2018.
Data Protection Resources
Access the SWGfL GDPR Guidance using the links below.
Data Protection Products and Services
What is a Computer Virus?
A virus is a type of malicious software (or 'malware').
Types of Malware
A list of different types of malware, including ransomware, virus, and worm.
Protect Systems and Data from Malware
Key steps to protect systems and data from malware infections
Latest Security Threats
The latest security threats
Threats: Formjacking
Formjacking is an attack on a website to covertly gather sensitive user details
Threats: Ransomware
Ransomware is an attack method that encrypts systems and demands payment to restore them
Threats: Targeted Attacks
Automated cyber attacks have been popular for some years. However, there is a growing trend in more targeted attacks
Email Phishing Explained
Email Phising, How common is it? What's the point? How does it work? This is your one-stop-shop for understanding phishing.
Different Types of Phishing
There are a number of ways cyber-criminals can attempt phishing. These are the most common.
How to Spot Phishing Emails
Phishing emails are becoming increasingly convincing, but there remain tell-tale signs that you can look for. This article describes how to assess an email to identify phising emails.
An Example of Phishing
An example of a real phishing email we received - with explanations of how we knew it wasn't genuine.
Technical Phishing Prevention
There are a number of software solutions that can prevent phishing - we run through the best in this article.
Human Phishing Prevention
Your networks' users are the final line of defence against phishing. Help them help you with our top tips to prevent phishing.
Phishing Flowchart
Phishing emails trick you into giving away personal information. Use our flowchart to check whether you’re being phished.
360data
An online self review tool, designed to help schools and SMEs review their posture, policies and procedures around data protection and information security.
Ransomware White Paper October 2018
This document provides an overview of the guidance from SWGfL as well as signposts to products and services that can help
SSL Certificates
TLS/SSL Certificates from Certifcate Authority QuoVadis for Schools
