You are using an outdated browser. Please upgrade your browser to improve your experience and security.

Online Safety: Filtering, Monitoring and Information Security

Appropriate Filtering and Monitoring

Education settings should provide a safe environment to learn and work, including when online. Filtering and monitoring play an important role of safeguarding children and staff from potentially harmful and inappropriate online material; settings should be doing all that they reasonably can to limit children’s exposure to any online risks which could be accessed or encountered through setting provided IT systems or devices.

Schools and colleges in England are required by KCSIE to "ensure their school or college has appropriate filters and monitoring systems in place and regularly review their effectiveness."  Leadership teams and relevant staff should have an awareness and understanding of the filtering and monitoring provisions in place, manage them effectively and know how to escalate concerns when identified.

Schools and childcare providers in England and Wales must also: "ensure children are safe from terrorist and extremist material when access the internet in school, including by establishing levels of filtering" Revised Prevent Duty Guidance: for England and Wales, 2015.

Education settings should however also "be careful that "over blocking" does not lead to unreasonable restrictions as to what children can be taught with regards to online teaching and safeguarding" (KCSIE).

The appropriateness of filtering and monitoring systems are a matter for individual educational settings and will be informed in part, by the risk assessment required by the Prevent Duty. Your approaches and decisions should be reflected in your child protection policy. When making these decisions settings should consider the age range of children, the number of children, how often they access your devices and systems (whether on or offsite), any children who are potentially at greater risk of harm and the proportionality of costs vs safeguarding risks.

The UK Safer Internet Centre have published guidance for education settings and filtering providers about establishing 'appropriate levels’ of filtering and monitoring.

To support schools and colleges to meet the filtering and monitoring requirements, the Department for Education has published filtering and monitoring standards which set out that schools and colleges should:

  • identify and assign roles and responsibilities to manage filtering and monitoring systems.
  • review filtering and monitoring provision at least annually.
  • block harmful and inappropriate content without unreasonably impacting teaching and learning.
  • have effective monitoring strategies in place that meet their safeguarding needs.

Governing bodies and proprietors should review and discuss the standards with their DSLs, leaders and IT staff/service providers.

In July 2023, the UK Safer Internet Centre on behalf of the Department for Education carried out a series of webinars to inform and support organisations across England with their filtering and monitoring responsibilities. The SWGfL website is hosting all recordings of the webinars along with supporting information, guidance, services and tools to support schools.

The SWGfL provide a ‘Test Filtering’ tool which enables education settings to test the filtering lists in place on site. The system tests against the IWF URL list, and the UK terrorist content (CTIRU) list. It also verifies if pornographic websites are accessible through a test page hosted on an adult website which contains offensive language to test whether your filter is blocking pages that contain profanities.

Support for schools when considering what to buy and how to buy it is available via the: schools' buying strategy with specific advice on procurement here: buying for schools.

Remote Learning

Where children are being asked to learn online at home schools and colleges should ensure they do so safely. The Education Safeguarding Service have produced a number of guidance documents for schools and settings in response to Covid-19 pandemic. The following links are specific to safeguarding whilst remote learning:

National Guidance

National Cyber Security Centre 

Information Security and Access Management

Education settings are directly responsible for ensuring they have the appropriate level of security protection procedures in place in order to safeguard their systems, staff and learners, and should review the effectiveness of these procedures periodically to keep up with evolving cyber-crime technologies.

Schools and colleges should also consider meeting the Cyber security standards for schools and colleges which explore standards in relation to cyber security, user accounts and data protection.

Guidance on e-Security

Also see our section on Cybercrime and Commerce.