October is Cyber Security Awareness Month, and while we don't think that cyber awareness is something to cover just once in the year, we think it's a good opportunity to publish some information that can be used all year round.
Awareness Day Sixteen: Access Control - Wi-Fi  and Network Access

"Wherever there is technology there needs to be cybersecurity"

Implementing cybersecurity best practices is important for organisations of all sizes to protect personal, financial and sensitive information.

Awareness Day Sixteen: Access Control - Wi-Fi and Network Access

Some considerations for Wi-Fi best practice in schools:

1. Active Monitoring - ensure all your access points are working and switched on.  In a school access points are often unplugged by other members of staff due to the layout of the building when there is a classroom move around.
2. Wireless Management - consider the use of wireless management which offers more than configuration and logging.
3. Prioritise Usage - if allowing casual use by staff/visitors for their mobile phone, ensure that critical applications, such as VoIP (phone system) and admin systems get priority over non business usage. 
4. Guest Policies - consider a guest Wi-Fi network where the password can be shared for visitors and guests/contractors where the network resources are restricted, i.e no access to printers or network files.  Change the guest password regularly.  If you are part of a Trust that has central staff that move between schools regularly, set up a 'Trust Wi-Fi' so that their devices connect at each location smoothly and with the correct access. Don't make the password the name of the establishment or Password123, ensure it is appropriate.
5. Firmware Updates -Ensure the firmware on the router is kept up to date to help prevent a cyber attack.
6. Ensure any default user names and passwords have been changed for the access points. 
7. Have a unique SSID (Service Set Identifier) and ensure it's not easy to guess.
8. Ensure the data on the Wi-Fi network is encrypted by using Wi-Fi Protected Access (WPA), WPA2 and WPA3.
9. For larger systems, consider installing a firewall.
10. Review the NCSC Wi-Fi Guidance
11. Review the DfE Wi-Fi Network Standards for Schools and Colleges.

Source of information: Article: EdTech Best Practices Implementing New Wireless Network
Source of information: CISA Securing Wireless Networks

If you're a school or multi academy trust then review the DfE Wireless Network Standards, we have resources and trackers to help you assess and track your progress: DfE Digital Standards Trackers

More questions like these are in our Information and Cyber Security Checklist (only viewable with a valid Data Protection Education subscription):


We have a DfE Digital Standard Tracker for Wireless Networks, watch our video: