9 Dec 2009

 Neil Hollister, CRYPTOCard’s CEO
 Neil Hollister confirms that remote access to most of a school's  MIS must be protected by 2FA
Top girls' grammar school, Wycombe High School, has selected BlackShield ID from CRYPTOCard enabling it to provide teaching and non-teaching staff with secure remote access to the school network.

The new CRYPTOCard authentication server meets the latest guidelines from Becta - the government agency driving effective and innovative use of ICT in schools - requiring two-factor authentication (2FA) for remote access to key parts of the school's management systems and allows staff to access sensitive data securely when working from home or elsewhere off-site.

"In addition to satisfying Becta requirements, BlackShield ID offered the best solution in meeting the demands of our own internal security review, which had similarly concluded that 2FA was the way forward," confirms ICT Services Manager, Steve Woodward. "We were also impressed with how CRYPTOCard was already benefiting other educational environments such as the Yorkshire & Humberside Learning Grid."

Durable and cost-effective

Looking ahead, Wycombe High School also plans to use the CRYPTOCard security solution to protect teacher accounts from unauthorised access inside the network. And here, Woodward was particularly impressed that their two-factor authentication solution worked across several platforms with no additional charge for this further functionality.

"In our view, Blackshield ID is the ideal network security solution for education establishments such as Wycombe High School operating on tight IT budgets," he says. "Our staff has confidence in the professional high-quality appearance and durability of the tokens, which incorporate replaceable dual batteries. Equally importantly, from an IT perspective BlackShield ID is quick and easy to manage and administration costs are a fraction of those of other security solutions we looked at."

Education initiative

CRYPTOCard has strong experience in supporting the education sector and established  customers include Yorkshire and Humberside Grid for Learning, Redcar Local Authority and Ashdown School. The company's server-based and managed service (Password-as-a-Service) 2FA solutions are ideally suited to support Becta's published best practice guidance on how schools should protect sensitive data, including secure remote access.

Secure remote access from CRYPTOCard 
 Wycombe High School has selected BlackShield ID secure remote access from CRYPTOCard

"Becta recommends that remote access to most of a school's management information systems (MIS) must be protected by 2FA," confirms CRYPTOCard CEO, Neil Hollister.

"At the same time, schools need to start preparing for online reporting to enable parents to access online reports in a user-friendly, yet secure, manner.

"This presents schools with the ideal opportunity to review how, in adopting 2FA, they can use their existing data and systems more efficiently and effectively to share protected information."

A recent survey of secondary schools by CRYPTOCard showed that 95 per cent of respondents provide remote access to either a VPN or web portal and 40 per cent provide remote network access to third parties as well as staff. Leaving this access unsecured is tantamount to allowing strangers to wander around a school unchecked - hugely risky with untold potential costs in case of a security breach.

"Whilst some Education establishments have forged ahead with network security, many have some way to go in understanding how to ensure the right level of protection," believes Hollister. "One third of the schools surveyed, for example, were still unaware of Becta's advice concerning the need to use 2FA in securing remote access to SIMS and similar systems including sensitive pupil performance data. Equally, very few had started to address the government mandated requirement for online reporting to parents."

In responding to this need, Hollister believes that, "by providing education establishments with secure, customisable and affordable password protection ‘out of the box' in this way, as part of a 2FA solution which can easily integrate with any existing in-house solution, CRYPTOCard has made total authentication simple."