DFE EARWIG SERVERS SECURITY APPRAISAL 2025 - EARWIG -SELF-APPRAISAL
ASSET PROTECTION AND RESILIENCE
Data, and the assets storing or processing it, should beprotected against physical tampering, loss, damage or seizure. Thisincludes the following;
1. Data Centre – Physical Location and Legal Jurisdiction
Please document the locations atwhich School data is stored, processed and managed from.
2. Data sanitisation
If the process of provisioning,migrating and de-provisioning resources is ever needed during the Earwigservers provision, what measures will be taken to protect the data? ForExample, when resources are moved or re-provisioned, is all data securelyerased?
3. Equipment disposal
Is all equipment potentiallycontaining School data, credentials, or configuration information for theEarwig servers identified at the end of its life and are components containingsensitive data sanitised, removed or destroyed as appropriate?
Yes
4. Physical resilience and availability
What are the availabilitycommitments of the Earwig servers provider, including their ability to recoverfrom outages?
DATA PROTECTION IN TRANSIT
Data transiting networks should be adequately protectedagainst tampering (integrity) and eavesdropping (confidentiality).
Is all data in transit protected between all end userdevices and the Earwig servers? If so, what technology is used to achievethis?
Is all data in transit protectedinternally within the Earwig servers? If so, what technology is used toachieve this?
If applicable, is all data intransit protected between the Earwig servers and other services (e.g. whereAPIs are exposed)? If so, what technology is used to achieve this?
SEPARATION BETWEEN CONSUMERS
Separation between different consumers of the Earwig serversprevents one malicious or compromised consumer from affecting the service ordata of another.
Please document the deployment model of the Earwig serversi.e. public, private or community cloud.
Please document the service model of the Earwig servers i.e.IaaS, SaaS, PaaS.
Please articulate how the Earwig servers provides sufficientseparation of the School data and service from other consumers of the Earwigservers.
Which other consumers are likely to share theplatform\service with the School?
OPERATIONAL SECURITY
The service provider should have processes and procedures inplace to ensure the operational security of the Earwig servers. The Earwigservers will need to be operated and managed securely in order to impede,detect or prevent attacks against it. This includes:
1. Configurationand change management
Is the status, location and configuration all componentstracked throughout their lifetime within the service? How is this achieved?
· Yes. Automatic logging.
Are changes to the service assessed for any potentialsecurity impact? How is this achieved?
· Yes. Review before deployment.
Are changes managed and tracked through to completion? Howis this achieved?
· All new releases are tested for security impactbefore release.
2. Vulnerabilitymanagement
Please explain how potential new threats, vulnerabilities orexploitation techniques which could affect the service are assessed and how theappropriate corrective action is taken.
· Public security forums are monitored. Nocorrective action has ever been necessary.
Are sources of information relating to threat, vulnerabilityand exploitation technique information monitored? If so, please list themost common sources used.
· We use Trendmicro –http://www.trendmicro.co.uk/technology-innovation/cloud/
Are known vulnerabilities within the service tracked untilsuitable mitigations have been deployed through a suitable change managementprocess?
· Known vulnerabilities are dealt with immediately
3. Protectivemonitoring
What analysis system do you have in place to identify andprioritise indications of potential malicious activity?
· We monitor logs for unusual activity
4 Incident management
Does the incident management policy include pre-definedprocesses for responding to common types of incident and attack?
· We do not experience any common types ofincident.
Does the policy include a defined process and contact routefor the reporting of security incidents by consumers and external entities?
· Yes. All users have a Contact Us button ontheir dashboards.
Would all security incidents with relevance to the School bereported to us within agreed timescales and format?
· Security incidents relevant to individualschools would be reported to the Earwig Administrator at that school within 24hours.
SECURE DEVELOPMENT
Earwig servers should be designed and developed to identifyand mitigate threats to their security.
Is all development of the service carried out in line withindustry good practice regarding secure design, coding, testing and deployment?
What configuration management processes do you have in placeto ensure the integrity of the solution through development, testing anddeployment? Do you follow any frameworks for this?
SECURE CONSUMER MANAGEMENT
The School may expect to be provided with the tools requiredto help securely manage its service. Management interfaces and procedures are avital security barrier in preventing unauthorised people accessing and alteringresources, applications and data.
What controls are in place so that only authorisedindividuals from the School are able to authenticate to and access managementinterfaces for the service?
What additional controls are inplace so that only authorised individuals from the School are able to performactions affecting the consumer’s service through support channels such astelephone and email?
What management interfaces areavailable, how are they protected and what functionality is available via thoseinterfaces.
What controls are in place sothat other consumers cannot access, modify or otherwise affect the School’sservice management?
IDENTITY AND AUTHENTICATION
Consumer and service provider access to all serviceinterfaces should be constrained to authenticated and authorised individuals.
What identity and authentication controls are in place toensure users are authorised to access specific interfaces?
Does all authentication occur over secure channels?
EXTERNAL INTERFACE PROTECTION
All external or less trusted interfaces of the Earwigservers should be identified and have appropriate protections to defend againstattacks through them.
How will access to the Earwig servers be securely achievedby School staff? Are there any client requirements and what protocolswill be used to facilitate the access?
What physical and\or logical interfaces will the serviceinformation be available from?
What additional controls are in place to protect and controlaccess to School data via these interfaces i.e. Firewalls, Intrusion PreventionSystems?
SECURE SERVICE ADMINISTRATION
The methods used by the service provider’s administrators tomanage the operational service should be designed to mitigate any risk ofexploitation that could undermine the security of the service.
What technical approach\management model is taken by theservice provider to manage the Earwig servers?