We have successfully worked across physical and information security as well as data protection in schools, colleges and universities.

Data Protection, Information and Cyber Security

As a learning establishment, the data you hold on the children under your supervision is of paramount importance and should be afforded an appropriate level of security. Too often we hear about sensitive information finding its way into the public eye and no-one wants to be at the sharp end of that publicity, especially if you are a school or college, be it state run or independent.

That’s why we have developed an audit process especially for you to identify your current security practices and ensure your data is safe. Here’s what we do and why…


  • Comprehensive review of security documentation, information systems, policies and procedures, including Data Protection and Acceptable Use
  • Interviews with key staff on effective implementation followed up by spot check discussions
  • Escorted tour of establishment to complete basic security check


  • Opportunity to fully grasp Information Security obligations
  • Ensure Data Protection compliance
  • Meet Children Act Regulations
  • Provide assurances and accountability to parents, Ofsted Inspectors and key stakeholders on Information Security
  • Meet obligations to school Governing Bodies and Local Authorities
  • Identify bespoke Information Security needs and general areas of security that need to be addressed

Physical Security Reviews

Many independent and private educational facilities are being expected to provide evidenced assurance to governing bodies and other key stakeholders that their physical security is adequate and fit for purpose, as well as regularly reviewed and tested.

We have experience of providing comprehensive reviews and reporting in these situations, bringing the independent advice and support needed for this assurance. Our reviews include:

  • Checking physical systems are fit for purpose and operating within legislation and guidelines
  • Providing independent advice on vulnerabilities and how to mitigate the resulting risk
  • Working within existing risk assessments to improve and fine tune security measures
  • Ensuring wise security spend – we do not sell equipment or systems, we are there to advise
  • Ensuring measures are proportionate and conducive to a healthy environment for students, visitors and staff alike


  • Comprehensive review of security systems, including but not limited to CCTV, lighting, intruder systems, barriers and door entry
  • A full report of findings with recommendations
  • Multi sites accommodated

The Information Commissioner’s Office (ICO) made a series of recommendations to higher education. This included great advice such as using specialist roles to help support good Data Protection and Information Security after the growth of data breach in this sector. Those roles are Senior Information Risk Owner (SIRO), Information Asset Owner (IAO) and Data Protection Officer. We have offered specialist training for SIRO and IAO roles for many years and as well as offering training in Data Protection, we also offer an outsourced service which is acceptable under GDPR and Data Protection Act (2018)

Advent IM and Education security consulting Advent IM data breach by industry sector- we offer consultancy and training

From our Blog

Ransomware marches on..

The scourge of business, public sector and individuals, ransomware, shows no signs of abating and my heart sinks every time I see a headline where a vulnerability in an organsiation is exploited by this cynical malware. Most recently, students at a school in Plymouth, lost GCSE and and A level coursework after their school was […]


ICO Higher Education Security Risk Leaflet

Information from the ICO following its reviews of UK universities in 2018.

University Cyber Attacks Leaflet

Information on university cyber attacks.

Find out more about our work in the education sector.