2 min read

The Prevent Strategy in Schools, and the Implications for IT

January 29, 2016

The prevent strategy in education

As a result of the Government’s Counter-Terrorism and Security Act, from July 2015 schools and providers of higher education have a duty “to prevent people from being drawn into terrorism”.

The Prevent Duty document can be found here for a deeper look.

This legislation comes from the statistic that most terrorist offences are committed by people under the age of 30, and the Government sees education providers as key to tackling this.

However, whilst organisations need to be placing high importance on compliance, the Government guidance is brief and advice on what practical steps in-house IT staff should be taking is thin on the ground. It does, however, identify filtering of the school’s internet as a crucial way of keeping students safe online:

“Many educational institutions already use filtering as a means of restricting access to harmful content, and should consider the use of filters as part of their overall strategy to prevent people from being drawn into terrorism.”

The use of the internet to disseminate extremist material is well established. The ISIS social media propaganda machine is often cited as a significant pull factor during the radicalisation process.

The guidance for schools states:

“Specified authorities will be expected to ensure children are safe from terrorist and extremist material when accessing the internet in school, including by establishing appropriate levels of filtering.”

Our last State of Networking in Education report highlighted that only 50% of organisations in education identified network security as a priority in the next three years. Considering the expectations now in place not only for cybersecurity but also for preventing extremism in schools, it seems more needs to be done to raise it on the internal agenda.

100% accurate filtering is probably unachievable

The problem for in-house IT in schools and higher education is that even the most up to date, and well maintained firewalls cannot guarantee to filter out 100% of the intended materialparticularly when faced with IT savvy and motivated individuals.

The guidance for education providers emphasises the need for a risk-based approach to the Prevent Strategy—ensuring effective filtering is in place to minimise the risk of accessing extremist content—as well as maintaining appropriate records to demonstrate compliance with their responsibilities.

Visibility and reporting is key

If you accept that filtering with 100% accuracy is impossible, having visibility across your network in order to effectively monitor end user activity is going to be key.

In the event that filtering fails and suspicious content is accessed, having visibility of the event gives you the opportunity to raise concerns with the relevant authorities. It also allows you to have access to a historical timeline review of the user, satisfying the Government’s demand for reports demonstrating compliance, when requested.

Download Network Performance Checklist