DfE Cyber Security Standards & School IT Security Compliance

How Soltech IT Supports OneWest Audits and DfE Data Protection Reviews

Schools across the UK are facing increasing scrutiny around data protection compliance, IT security controls, and cyber resilience. With OneWest Data Protection Compliance and DfE Cyber Security Standards audits now taking place in schools throughout the southwest,, governors must demonstrate robust technical and organisational measures to protect pupil and staff data.

At Soltech IT, we specialise in managed IT services for schools, delivering secure, compliant, and fully supported IT environments that meet regulatory expectations and protect against modern cyber threats.

This guide explains how we help schools confidently meet each key requirement.

Encryption for Schools – Protecting Sensitive Data

Encryption is a fundamental requirement under UK GDPR and education sector best practice.

Soltech IT provides:

• Full disk encryption on laptops and staff devices (Please note this requires modern devices of a suitable specification. Performance / speed can be affected)
• Server encryption for on-premise infrastructure
• Microsoft 365 encryption at rest and in transit
• Secure email encryption (TLS)
• Encrypted cloud and offsite backups (AES-256 standard)

Our encryption policies are centrally managed and fully documented for audit assurance.

Secure Remote Access & Multi-Factor Authentication (MFA)

Remote working and cloud access introduce risk without proper controls.

We implement:

• Secure VPN or cloud-based remote access
• Microsoft 365 secure webmail configuration
• Multi-Factor Authentication (MFA) for all staff
• Conditional access policies
• Secure remote IT administration

MFA is strongly recommended under guidance from the Department for Education and the National Cyber Security Centre.

Backup & Disaster Recovery for Schools

Ransomware attacks on schools are rising. Backup resilience is critical.

Soltech IT offers a variety of different solutions based on a schools requirements and affordability with multiple backup solutions also working in tandem where affordable or required/requested:

• Automated daily backups
• 3-2-1 backup strategy implementation (if applicable)
• Offline backup options
• Separate 365 SharePoint and email backups
• Encryption of data backups

Daily error reporting is available for governors and compliance audits.

Patch Management & Cyber Threat Protection

Unpatched systems remain one of the biggest security vulnerabilities in education.

Our services can include (where approved / authorised by the school):

• Automated patching for servers and endpoints
• Deployment of critical updates
• OS patching
• Firmware and firewall updates (where stated)

This proactive approach reduces exposure to known vulnerabilities.

Legacy Systems & Unsupported Software Risk Management

Outdated systems create compliance and security risks.

Soltech IT conducts regular IT audits delivered through development reports:

• Unsupported software identification
• Risk mitigation plans and upgrades
• Infrastructure upgrade roadmaps
• Server / Cloud modernisation projects
• Matched to grant funding where possible

We help schools modernise safely and cost-effectively, whilst also looking consider aspects such as Health and Safety, Safeguarding, GDPR, DfE requirements and OSTEAD inspection prerequisites.

Advanced Technical Security Controls for Schools

Layered security is essential.

We can implement subject to a schools requirements:

• Anti-virus and anti-malware
• Anti-ransomware behavioural detection
• Firewall intrusion detection and prevention
• Email security - Person testing via Cyber Phishing Solutions
• USB device control
• Mobile Device Management (MDM)
• Web filtering and safeguarding monitoring

Security is not just a product — it is an essential service.

Access Control & User Permissions

Proper access control reduces insider risk and improves audit readiness.

Soltech IT ensures:

• Role-based access permissions
• Auto-lock after predetermined period of inactivity.
• Secure file share management
• Joiner, mover, leaver processes (via our customer portal)
• Permission reviews at the request or in line with school policies.
• Guest access

We align access management with GDPR accountability requirements and guidance from the Information Commissioner's Office.

Password Policy & Account Security

Strong authentication controls are critical.

We can configure in line with school policies where requested / required:

• Minimum password length policies
• Secure passphrase models
• Password enforcement
• Account lockout thresholds

Where possible, we support MFA-first and passwordless strategies.

Personal Device & BYOD Security

Unmanaged devices can introduce serious data protection risks.

Soltech IT can implement where required and in line with school policies::

• Conditional access blocking unmanaged devices
• Download restrictions for sensitive data
• MDM enforcement on school devices
• Secure cloud access configuration
• Guest access restrictions
• Separate VLANs.

We ensure data remains protected regardless of location.

Cyber Incident Response Planning (CIRP)

A documented school /MAT Cyber Incident Response Plan is essential for compliance and insurance protection.

Whilst each individual school will need to create it's own unique CIRP, Soltech IT can assist with knowledge or systems / solutions in place, and help with any additional measure the school may require.

Filtering & Monitoring for Safeguarding

Schools must demonstrate appropriate filtering and monitoring to meet safeguarding obligations.

Soltech IT can provide a number of filtered broadband solutions with different levels of filtering. These can include:

• Age-appropriate web filtering
• Real-time monitoring alerts
• Governor-level log review and reporting
• White list / black list filtering
• Internet Watch Foundation (IWF) approved solutions

Compliance with safeguarding and cyber security expectations.

DfE Cyber Security Standards Compliance

Our goal is to move schools from reactive IT support to proactive cyber resilience in line with DfE Cyber Security Standards..

Contact us today sales@soltechit.co.uk, or call one of our regional numbers:

Bristol, South Gloucestershire and Bath (Head Office) - Tel: 0117 2140 299

Somerset, Dorset & Yeovil - Tel: 01935 324 299

Devon and Cornwall - Tel: 01626 798 299

Gloucestershire and Wiltshire - Tel: 0121 6631 299