Top 10 security tips for exams officers
Read our security tips for exams officers and learn how to handle data securely and protect your school or college against cyber security attacks.
Read our security tips for exams officers and learn how to handle data securely and protect your school or college against cyber security attacks.
As an exams officer, you handle confidential and sensitive information throughout the year, so it’s important that you handle data securely and that your school or college’s systems are as secure as possible.
Cyber security attacks have unfortunately become more common and sophisticated over the years, so it’s more important than ever that you know how to protect your centre and your learners’ data.
To help you at the start of the new term, we’ve put together these top 10 security tips.
Regularly check the users registered to your centre on Centre Services – make sure the roles and permissions are appropriate, and remove any accounts that are no longer needed. It’s particularly important to check this in the run-up to key series milestones such as Entries, Exams, and Results days. If you have any concerns over an account, please get in touch with us.
Do not use the same password across multiple different accounts, platforms, or services – use unique passwords or passphrases for each one. Use modern password policy approaches if you can, such as 'Three random words', and consider using a password manager.
Do not share your password with any of your colleagues and avoid writing passwords down. We’d never contact you and ask you to confirm your password.
If you suspect your password might have been compromised, change it immediately using the password reset/forgotten password functionality.
We’ll never ask you for your Centre Services multi-factor authentication (MFA) code – not over the phone, by email, or any other method. You’ll only ever need to enter it directly on Centre Services when logging in.
The only time we’d ask you to confirm the telephone number configured for your Centre Services MFA would be when we need to validate your identity after you’ve requested to change your MFA telephone number. We may, however, ask you for a telephone number when you contact us, but this is not related to MFA in any way and the two numbers may be different or happen to be the same.
Unfortunately, schools, colleges and awarding organisations are targets for malicious individuals who attempt to spoof. If an email looks suspicious, call the organisation it claims to be from directly to verify the request.
If you receive a suspicious or unexpected email or telephone call claiming to be from AQA, please contact Customer Services on 0800 197 7162 or email eos@aqa.org.uk
If you have any concerns about an invoice that claims to be from AQA or on behalf of AQA, or any communication claiming to be from AQA about a change of our banking details, you can validate our bank details on our 'Invoices and how to pay' page.
Take a look at the National Cyber Security Centre guidance for schools for some practical resources to help improve your cyber security.