Introduction
Back in March 2022 the Department for Education released a set of standards that were to be used as the guidelines for schools and colleges to ensure that they had appropriate digital infrastructure and technology.
These standards were not in fact new. They had formed part of the much wider new build generic design brief for some time (word of caution, the GDP covers everything from floor coverings to insulation to surface finishes so is a rabbit hole to be avoided unless you happen to be about to build a new school or college!).
The standards set out the technical capabilities that should be achieved by schools and colleges alongside recommendations as to when they should be met. Clearly, some would be part of any future planned refresh whereas others are deemed so important they should be implemented as soon as possible.
The standards are broken down into the following sections:
- Broadband internet
- Network switching
- Network cabling
- Wireless networking
Over the course of three articles, we will break each of those down and look at the standards along with some thoughts on how these might be met, starting with Broadband.
Broadband Internet
Schools and colleges are increasingly reliant on internet access to deliver education. As more and more services are pushed to the cloud this reliance will only increase. To try and ensure that a suitable service can be delivered in a way that is secure the guidance highlights three specific areas:
- Schools and colleges should use a full-fibre connection
- Schools and colleges should have a backup connection to maintain continuity of service
- Schools and colleges should have appropriate IT security and safeguarding systems in place
Full Fibre
The standards say that primary schools should have a minimum 100Mbps download and 30Mbs upload; secondary schools and colleges should have the capacity to deliver 1Gbps up and down. Most colleges will already meet this due to their JANET primary connection.
To deliver this the service should be delivered over a full-fibre connection which is defined as either a leased line or a fibre-to-the-premises (FTTP) circuit. Copper circuits are not deemed not to meet the standard which means if you are currently using a “super-fast” connection you are not meeting the standard.
The timetable for this is as soon as possible, noting that existing contracts may be in place and that renewal of a contract would be a suitable point to act. The other challenge, particularly for primary schools would be the availability of FTTP which is still being rolled out across the country and is not planned in some areas for some time.
In truth, to meet the 1Gb standard the options are limited and would mostly require a leased line; although technically FTTP services could offer 1Gb most of the currently available services are capped below this. If not already operating at the required standard and looking to move to a new, faster service there are a couple of considerations.
Firstly, if you require a new service there is likely to be a considerable lead time – typically 90-120 working days minimum and in some areas where the installation requires work that involve road disruption to lay new ducts these timescales can increase dramatically.
Secondly, if a new circuit is required there will be considerable charges known as ECCs or Excess Construction Charges which cover the cost of the civil engineering required such as laying new ducting underground. In some cases, these can exceed the annual rental costs so need to be considered for budgeting purposes.
You will also need to consider the connection between your internet access and your main network to make sure that they are compatible directly or if you need an alternative device between the provider’s box and your firewall such as a router. We are happy to help review your current service and options for future services, please get in touch if this would be useful.
Backup Line
Although summarised as a backup line this standard covers slightly more than just that element as it also includes the need to have redundant power options on the core network (and the router or other device receiving the internet feed) to improve resilience along with automatic (or near instant) failover to ensure in the event of the primary line (or router) failing the backup will kick in seamlessly.
As with the first part of the standard, the when element is as soon as possible. If a backup line is not already in place then this should be considered a priority.
This standard is a challenge for most organisations for a number of reasons. First and foremost is cost. A backup line with a similar capacity will in many cases cost the same as the primary line (and if a new one is needed to meet the standard the same ECCs and lead times will apply). However, that isn’t the whole story.
One of the challenges of providing resilience to an organisation comes down to the nature of the organisation. If it is a single site organisation providing independent backup connectivity may prove very difficult, often because there is only one provider and therefore by default a second line would share large parts of the journey from site to local interchange. Even if there are more than a single supplier it is often the case that they are simply reselling BT Openreach infrastructure so in fact provide no additional resilience.
If possible to run a connection from two different interchanges (i.e. the town has more than one) there may be much larger installation costs due to the additional work required to bring a feed from that location – by default connections tend to go to the closest interchange to avoid such costs.
Even then, if both connections come into the same server room location there is still work to be done to ensure that any issues there do not impact both lines (hence the requirement for redundant power).
Where organisations have more than one site resiliency can be easier to achieve by having lines coming into multiple sites with the ability to move services between lines in the event of a failure – a more technologically challenging scenario but achievable and if both lines are provided by the same provider in this case they may offer services to ensure failover.
However, it is worth noting that the standard doesn’t actually state that the backup line has to be the same type or capacity as the primary. This gives a wider range of options in terms of how to address this in a cost-effective and appropriate way. It is for this reason that our recommendation is always to consider this alongside wider discussions around business continuity and to include this as an entry on the IT Risk Register.
Ultimately, the balance between the cost and risk factors will differ between organisations and there may be other contingencies that could mitigate the loss of the internet connection. Or indeed, there could be some clearly identified services that need to be retained (for example if you have a totally VoIP phone system) which would continue with a lower bandwidth backup connection while others are deemed less of a priority.
Also worth considering that if your systems are in the cloud you may be able to work around the loss of local internet connection via home-based activities or the provision of 4/5G devices to select groups.
This is quite a complex area and one that needs in-depth conversations to get to the right solution.
Security
Before looking at this standard it is worth noting that all schools and colleges should already be meeting it as it, for the most part, reiterates the Online Safety portion of Keeping Children Safe in Education (as of the 2022 iteration this is paragraph 135-148). This breaks down the risks into four areas:
- content
- contact
- conduct
- commerce
Measures should be in place to minimise and mitigate those risks and those measures should be reviewed and tested regularly to ensure that the organisation is meeting the requirements for safeguarding.
The standard also requires organisations to have a firewall between the local network and the internet and again this should already be part of the infrastructure of most schools and colleges. As with the safeguarding aspect, the firewall and other technologies should be part of the organisation’s ongoing cybersecurity management activities and again, should be subject to the regular and ongoing review of the risks to the organisation and it’s users.
If for any reason you feel that you do not meet this part of the standard I would suggest that it would require urgent action to ensure that you have considered both safeguarding and cybersecurity implications and put in place a plan to address any weaknesses. We would be happy to advise you on this, please get in touch for a discussion on how to take things forward.
That is the end of part one. In the next instalment, we will look at the wired networking standards and what this means for organisations as they plot their way through the digital future.
3 Comments
Meeting digital and technology standards in schools and colleges – Part Two – ITspire · 07/10/2022 at 12:49 pm
[…] our first post on this subject, we looked at the background of the DfE standards and went into some detail on the […]
Meeting digital and technology standards in schools and colleges – Part Three – ITspire · 10/10/2022 at 11:20 am
[…] the earlier two parts of this series, we looked at the broadband, network hardware and cabling parts of the standards and in this final part, we will be looking at […]
Cyber security standards for schools and colleges – ITspire · 11/10/2022 at 10:09 am
[…] the heels of the Meeting digital and technology standards in schools and colleges discussed in an earlier blog post series, the Department for Education have also now added Cyber Security standards for schools and […]
Comments are closed.