RPA-compliant Cyber Response Plan for schools
Six Schools Receive 75" and 65" Promethean Touchscreen Donations from Soltech IT Ltd
Pictured Donated 75" Promethean Touchscreen Install at St Peter's Primary School in Bishopsworth.
Pictured Gareth Jones of Soltech IT handing over a 75" Promethean Touchscreen to Fosse Way Schools IT Team
2025 will see Soltech IT continue to donate IT equipment to school's throughout the Southwest as part of our 'Giving Back To Schools' donation campaign.
We were delighted to be able to donate more than £15,000 of 65" and 75" Promethean ActivPanel Touchscreens to six local schools and MAT's.
Gareth Jones, commented "As a business it's great to be able to give something back to schools, be they a customer or not. Our most recent donations have helped transform the learning environments of pupils which is something we are very proud of."
These most recent donations have not only included a 65" or 75" Promethean ActivPanel Touchscreen, the schools have also received WiFi module upgrades, Android functionality, wall mounting brackets and relevant cables, plus delivery, removal / WEEE disposal of old equipment, installation and training, all as part of Soltech IT's donation.
That's around a £3,000 donation at each school or MAT.
What is an RPA?
Schools throughout the UK need to protect many different assets from unexpected events. In some cases schools have statutory duties.
The aim of the RPA is to protect schools against losses due to any unforeseen and unexpected event. RPA cover is very similar and comparable with a commercial insurance policy.
Creating the RPA compliance Cyber Response Plan a school
The Department for Educations risk protection arrangement (RPA) requires schools to have an appropriate Cyber Response Plan.
To help schools, the DfE has published Risk Protection Arrangement Cyber Response Plan Template.
The DfE template sets out the plans and actions to be taken in the event of a cyber security breach or incident.
Key points to remember about creating your plan
- Always ensure the RPA is reviewed and maintained, particularly when staff members change.
- There may be a few elements of the RPA which require the input of Soltech IT. Our advise is for a school to complete as much of the RPA as possible, before compiling a list of any questions we may be able to assist the school with.
- In the 'Critical Activities - Data Assets' section, allocate one of the specific timescales to each Data Asset as suggested.
- Always ensure staff have and an easily accessible copy of the response plan, along with other critical incident documentation available as per the school or MAT policies.
Police Cyber Alarm registration and setup for RPA
Police CyberAlarm is a tool which is available to schools for free. It is designed to help staff understand / monitor malicious cyber activity by monitoring and scanning for vulnerabilities. As we understand it there is no mandatory requirement to install the collector.
How to implement offline backups for the RPA scheme.
Schools are required to have an offline backup system as part of the requirements of the cyber threat cover included within the DfE’s RPA.
What to backup?
It’s vital to have access to school data via backups. The downloadable Risk Arrangement Cyber Response Plan template contains a detailed list of what should be on a schools list of critical data.
Is your school backup secure?
School backups need be held entirely offline and not connected to a schools network or systems until absolutely necessary. This ensures backed-up data remains unaffected by any event that impacts your live systems.
Soltech IT backups of server data are held remotely and independently of a schools network or system, offsite in an encrypted format. Our backup software connects daily when necessary to generating and creating an individual backup for that day. Like wise and when necessary, data can be restored promptly to the schools systems. As standard, the backup retention period is 28 days, unless otherwise stated.
Have you tested your backup?
Schools should regularly test backups from all sources.
DfE RPA training requirements.
All staff, employees and governors of a school who have access to a school’s IT systems must complete NCSC Cyber Security Training. This is a free training course available from the NCSC website.
Full details of the RPA are on the DfE website.
