How do you ensure that unauthorised persons cannot access school data?

NEG staff are manually onboarded to the platform and are always mandated to have Two Factor Authentication enabled when accessing any of NEG’s online systems. Infrastructure and data engineer access is hardware multi factor protected. Penetration tests are carried out regularly on the platform, and all developers working on the platform have long standing industry experience of working on data-critical systems. All actions within the system are audited and we have robust request monitoring to ensure that the system is not nefariously targeted.