Introduction to cybersecurity in the Early Years

Meet your hosts

Alex Patterson

Alex Patterson

Director of Active8 Managed Technologies

With over two decades of experience in the technology and managed services sector, Alex Patterson has developed a strong reputation for his consultative, customer-first approach. As a Director at Active8 Managed Technologies since 2013, Alex works closely with nursery groups and Early Years providers to help them plan and future-proof their IT and facilities strategies. He believes in building long-term partnerships rather than quick wins, ensuring every recommendation supports sustainable growth, compliance, and efficiency across settings.

This webinar, hosted by Famly and presented by Alex Patterson (Director of Activate Managed Technologies) alongside technical manager Mark. Nurseries hold highly sensitive data yet often lack formal cyber policies, with 80% of incidents attributed to human error and 25% of nurseries lacking effective data breach management. Alex and the Active8 team recommend auditing all devices and data storage locations, establishing a cyber security policy, and exploring Cyber Essentials accreditation as a foundational certification.

Key takeaways

  1. Conduct a full device audit:
    Create a spreadsheet listing every device's make, model, operating system, assigned user, and location to establish a baseline understanding of the IT infrastructure. Alex recommended: "audit all of your devices, get them in a spreadsheet, find out the make the model, the operating system, who uses them and the location."
  2. Review data storage and access controls:
    Map where all data is stored (e.g. SharePoint, Dropbox, local devices) and assess who has access, including remote access, to reduce exposure of sensitive child and parent records.
  3. Establish or update a cyber security policy:
    Develop a formal policy covering password management, device use, staff onboarding/offboarding, email and internet use, and incident reporting procedures, using resources such as the NDNA template as a starting point.
  4. Implement staff cyber awareness training:
    Introduce phishing simulation tests and incident reporting procedures so staff can identify and escalate suspicious emails, reducing the risk of human-error-driven breaches.
  5. Pursue Cyber Essentials accreditation:
    Begin the self-assessment questionnaire through IASME to address the five key controls:
    • Firewalls
    • Secure configuration
    • Access control
    • Malware protection
    • Software updates, which can also lower cyber insurance premiums.
  6. Understand breach reporting obligations:
    Ensure all relevant staff are aware that a data breach must be reported to the ICO within 72 hours, as failure to do so can result in fines of up to 4% of global turnover.

Share this webinar

Share on FacebookShare on LinkedInShare on X
Copy link

See and try Famly

To schedule a demo just send us a few details via the form and we’ll be in touch.

Checkmark in purple

Modern app

Checkmark in purple

Automated tools

Checkmark in purple

Human support

Get a demo