Feltham Community College Security

Feltham Community College (FCC) is a large and diverse Academy in West London

The Challenge

Feltham Community College (FCC) is a large and diverse Academy in West London where Gaia is the preferred ICT Managed Service Partner. Our responsibilities include the comprehensive data management of their users across; File Servers, Mail Exchange Servers, SharePoint Portals and School Management Information System which run over Microsoft SQL Servers.

As a certified 27001 ISO standard company, Gaia has managed the design, implementation, and maintenance of all ICT systems in the school on a day-to-day basis.   One of the key challenges is data security where there is a high level of user access. Typically, the FCC data sets, contain a variety of information. This includes: children and family privileged information, teacher reports, evaluations, salaries, learner medical and security information, and official communications to authorities. This means that data access must be both very available and extremely secure.

What We Did

Gaia developed and maintains a security structure for access rights in terms of active directory users and security groups.  Student information is entered into the School Management Information and is then synchronised into the Microsoft Active Directory and replicated into the Office 365 Cloud Service for the School.   Gaia manages the synchronisation process on a regular basis at the start of the academic year and then on a longer interval basis to ensure correct update of student information into the Active Directory.

The Outcome

Student folders are centrally hosted into the File Server that is made available to any user device accessed by the student within the school.   Students are restricted to their own folders and group folders shared by their teachers for the purpose of collaborative.  A similar process is replicated in a SharePoint portal where teachers and students are able to share homework information and access to material some teachers may wish to share.

Another key element to the Data structure is business continuity, backup and archiving.   Gaia runs a number of schemes to ensure that the School’s data is highly available. Gaia also ensures that failure of any physical infrastructure component will not affect the continuity of service.  Data is backed up on a daily basis to enable its restoration in case of any failure. Gaia also ensure that multiple physical infrastructure failures will not impede fast recovery.    Finally schools retain student homework and project information for the duration of their attendance in school and sometimes beyond. This requires extensive archiving of data so as not to occupy expensive high-speed redundant data storage.

For the purpose of business continuity, Gaia ensures that virtualised servers run on Storage Attached Network devices.  These consist of 24 disks in a RAID-VI Array that allows two drive failures before data is permanently lost.   Gaia also replicates the content of the SAN to another SAN that ensures service continuity after a single SAN failure.

Gaia has implemented a two-tier backup, a short term one that enables multiple differential daily backups of used data to reduce the impact of data loss to 2 hours. Also a longer term backup, that accumulates daily backups into a weekly, monthly and yearly cycle for up to 5 years. A Microsoft System Centre Data Protection Manager Server runs the backup process onto an independent Storage Array as well as replicating its backup to the School’s Microsoft Azure data store for offsite protection.   Backed up data is encrypted at rest and in transit both on site and off site and compliant with ISO 27001 standards.   Server are separately backed up as full images using Veeam Software to ensure fast recovery in case of application server failure.

Office 365 contents in terms of SharePoint, Mail, IM, Calendar and some OneDrive contents are also backed up to a Cloud based environment away from Azure.   Gaia have done this as whilst Office 365 availability is considerable high, it is possible that users delete content and will not become aware of such deletion until over 90 days have passed.  This data can be no longer restored from Microsoft but it is available from the Cloud.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.