TAGs and Backup

As schools gather their Teacher Assessed Grades (TAGs;  We do like a good acronym in education) it got me thinking about cyber security.

The two potential key issues I see in relation to TAGs are:

  1. Loss of access: So, this could be deletion, ransomware or some other issue which means the school doesn’t have access to these important grades and therefore is unable to provide them to the relevant exam boards.
  2. Manipulation of grades:  This would be an individual, internal, or external, gaining access to the grade information and manipulating it either for someone benefit or simply to cause mischief.

For this post, lets focus on loss of access:  So, what measures can a school take?

The key mitigation measure for loss of access is backup.   We need to ensure a backup is kept separate to the main systems on which the data is stored.    So, if the data is being stored in the schools Management Information Systems (MIS) then ideally there should be an exported copy stored in Office 365.    By keeping it in a separate system, we hopefully avoid any potential issues which might result from a significant problem with the MIS followed by issues recovering the MIS from its own backup.  As our data backup is in a separate system, we would be able to deal with this scenario.

Ideally, we also want to keep copies geographically separate, so maybe stored on a separate site or using a cloud-based solution.   We may also choose to use a removable media solution to “airgap” our backup.

The key thing for me is that there is no one single solution.   You need to consider the risk, the available mitigation options, and their cost, in terms of financial costs, time, staffing, difficulty/complexity, etc. and then decide what works for your school.    For example, removable media may help in terms of air gaping our backups, but it also would incur costs in terms of time to remove, replace and store the tapes/drives in use.  If staff is limited this may therefore me a less appealing option.  It is also about avoiding reliance on a single process/solution.   So, having tape backup as a single solution is unlikely to be sufficient.   You should be layering the various backup options to arrive at a solution which is appropriate to your resources, your data, your finances, etc. while reducing the risk of any single point of failure.

The other point I think is important to make regarding backups is the need to test them.   All too often the only time backups are tested is at the point when recovery is required due to an incident.  It is at this point that we can least afford backups to fail.  As such it is important to test backups to make sure they work as they should, that you are aware of the processes and aware of any potential pitfalls.    By doing so, you can be reasonably assured that when you truly and urgently need them you will know what do to and can be confident in the likely success of recovery processes.

Coming up with your school’s solution to backup doesn’t need to be complex.   It is about considering different scenarios and the mitigation options and then identifying what is right for your school based on its needs and its appetite to risk.    As I have often commented, it is all about risk management.


Author: garyhenderson2014

Gary Henderson is currently the Director of IT in an Independent school in the UK. Prior to this he worked as the Head of Learning Technologies working with public and private schools across the Middle East. This includes leading the planning and development of IT within a number of new schools opening in the UAE. As a trained teacher with over 15 years working in education his experience includes UK state secondary schools, further education and higher education, as well as experience of various international schools teaching various curricula. This has led him to present at a number of educational conferences in the UK and Middle East.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: