Cybersecurity FAQs
Andy Lumley
Last Update 2 years ago
This article aims to provide answers to common questions and links to relevant policies for schools looking to subscribe to Integral.
Here is a link to the MEI Privacy notice.
Here is a link to the Integral Terms and Conditions.
What is your base IT system (e.g. on-prem, cloud, hybrid, base OS)?
We operate a hybrid system.
Do you have cybersecurity policies and are they regularly reviewed/maintained? Does a written security policy or plan exist?
Yes. They are reviewed and updated at least annually or when relevant technological or regulatory changes occur.
Do you have a password policy? If so what criteria are used in determining the password strength?
When a user first logs in they are required to choose their own password. The password must have at least 8 characters, at least 1 digit(s), at least 1 lower case letter(s), at least 1 upper case letter(s).
What country will any data will be stored in?
All data is stored in the UK.
Confirmation that there will be no secondary use of customer data, and whether IT systems are created in such a way as to respect limitations on secondary use?
Please refer to the privacy notice and Integral terms and conditions linked at the start of the article.
Are Pen Tests are carried out and the results of any such tests?
Yes, pen tests are carried out. We respond accordingly to any discoveries made during tests.
Do you hold any IT or Security accreditations (e.g. ITIL, ISO27001, Cyber Security Essentials, Cyber Security Essentials Plus)
Yes we have accreditation across our infrastructure including CSE+.