A few years ago, St Peter’s School recognized the need to invest in its IT infrastructure to ensure a top-of-the-range learning experience for pupils. But like all schools, this required careful planning to ensure any investment was well spent. It had a small IT team responsible for an extensive modernization project, including replacing its entire physical backbone and implementing a new network.
During the pandemic, all staff and pupils used Microsoft 365 primarily for email and Teams, enabling remote learning. SoftwareOne had just been engaged with St Peter’s to advise how best to use the Microsoft 365 suite when a phishing attack hit the school.
SoftwareOne immediately helped St Peter’s identify email accounts affected by the breach and remediated these swiftly. The team also completed a review of the school’s existing Microsoft 365 security position and identified several areas in need of modernization, particularly around identity and access management.
Due to a complex combination of legacy Office licenses and Microsoft 365 A1 licenses, it was a challenge for the IT team to do a forensic analysis of the phishing attack on its own. It also had limited security controls in its existing licensing plan and internal knowledge around the advanced security capabilities of Microsoft 365.