October is Cyber Security Awareness Month, and while we don't think that cyber awareness is something to cover just once in the year, we think it's a good opportunity to publish some information that can be used all year round.
Awareness Day Twenty One: Hardware: Asset Control


"Wherever there is technology there needs to be cybersecurity"

Implementing cybersecurity best practices is important for organisations of all sizes to protect personal, financial and sensitive information.

Awareness Day Twenty One: Hardware: Asset Control

Understanding what IT devices you have, where they are and who has access to them is key in preventing a cyber attack.  Consider the use of an IT Asset Register which records:

- the device type, make and model
- the serial number
- the purchase details if less than three years old 
- any warranty details
- backup codes for the encryption keys if used
- who currently has the device and whether they have signed an acceptable use agreement

Ensure there are procedures in place to wipe the contents/reset in between loans and the asset register updated.
Ensure there is a method to track devices if lost/mislaid. Consider the use of remote wiping technologies.
Check the disposal company for IT assets has the required certifications.
Consider marking or tagging the devices (especially mobile ones).
Consider the use of mobile device management software for iPads.

Review the DfE Meeting Digital and Technology Standards in Schools and Colleges : which advises that devices should be known and recorded with their security features enabled, correctly configured and kept up to date.  We can provide support, guidance and trackers to help you assess where you are and track your progress 👉 https://digitalstandardstracker.co.uk/

Review: NCSC Asset Management

The  DfE Digital Standards for Schools and Colleges gives detailed information about what should be in your asset register: