GTC Scotland

The General Teaching Council for Scotland

Five steps to good cyber security

Whether you’re using cloud-based systems or getting homework submissions online, keeping learners’ data safe is down to just five simple steps

Data is one of the most precious assets we own, and it is being used and misused to powerful effect. With the number of cyber-attacks on the rise it is more important than ever that we keep learners’ data safe.

From marks recorded in online apps, to fingerprints used for cashless canteens and images recorded on CCTV, learners’ data takes many different forms and is obtained and stored in a variety of ways.

This data needs to be kept safe, which means ensuring it is obtained with appropriate consents, used for specific purposes and stored securely. If it isn’t, the data is more likely to be vulnerable to cyberattacks and data breaches – there may even be legal implications. It is also important to be aware that under data protection legislation, learners have a right to obtain a copy of the information held on them.

Five good data habits

The first line of cyber security defence is yourself. You can help protect data by cultivating five good data habits.

1. Set secure passwords

If your local authority or college has a password or data protection policy please refer to this, otherwise, there are various steps you can take to help create a secure password, including using:

  • two-factor authentication, 
  • your browser’s password manager and
  • employer-approved password generators.

Remember to look for the padlock symbol on your browser’s address bar. If it isn’t there don’t submit any sensitive information on that webpage. For more tips on how to create a secure password, read Lorraine Mills’ article ‘Technovantages’ from Teaching Scotland, Issue 77.

2. Keep your password to yourself

It may sound obvious, but ensuring you keep your password confidential will help prevent data security being compromised.

3. Use cloud software appropriately

Many teachers and college lecturers use cloud-based systems such as Glow. When you are using online software it’s important to consider:

  • if the appropriate permissions have been taken to store this information
  • if the information is being used for the purposes originally intended
  • if you still need to hold this information.

4. Don’t use public Wi-Fi

Cloud software should only be accessed over trusted networks as data could be compromised over public Wi-Fi hotspots.

5. And when you’re keeping it old school

It’s important not to overlook the security of information held on pen drives and jotters. USB sticks need to be tracked and encrypted while caution should be exercised to avoid misplacing jotters and essays.


 GTC Scotland has been awarded Cyber Essentials Plus, which means we have demonstrated, publicly, our commitment to cyber security by putting in place a set of baseline technical controls. Please help us maintain our certification by logging in to your MyGTCS account and ensuring that your contact details are up-to-date. With thanks to Lorraine Mills, Cyber Security Consultant at BlueRock, who has supported GTC Scotland as part of the Cyber Security Programme.