In its recent revision of the guidelines for inspection, Ofsted stated schools must seek to protect and educate pupils and staff in their use of technology. This includes having the appropriate mechanisms in place to intervene and support any e-safety incidents. A school’s network infrastructure, and more importantly the data on it concerning pupils, staff and core admin functions, is arguably its key asset. As such, any e-safety plan needs to extend to the appropriate protection of confidential data.

Ofsted has stated that one indicator of inadequate performance is through unsecured personal data and leaving school websites without adequate encryption. If lost or stolen, the impact upon a school’s finances or reputation can be severe. So how should an adherence to compliance be addressed?