Evalian specialises in Cyber Security, Penetration Testing, Data Protection and ISO consultancy for organisations across all industries, including the education sector. Our team is made up of highly experienced subject matter experts, based throughout the UK.

We provide cyber security services such as penetration testing, cyber incident response and supply chain security for schools, universities and education centres in the UK. We know the systems you use and that cost-effective solutions are a priority for schools, and that is why we work to tailor a package to suit your budget and requirements with no hidden costs.

Whether you are a school, an FE college, an HE organisation or an organisation that works within the education sector, you understand the criticality of lawfully processing and protecting young peoples’ data. Given the sensitive data and reliance on systems at the heart of your institution, you need a mature approach to cyber resilience and compliance with data protection laws.

Do any of these challenges sound familiar?

  • Securing personal data
  • Increasing digital remote learning resulting in larger attack surface
  • Knowing where your compliance gaps lie
  • Protecting sensitive research data
  • Dealing with Subject Access Requests (DSARs)
  • Ensuring staff and students are cyber security aware
  • System resilience to cyber threats
  • Successfully risk assessing your suppliers

How we can help

Whether you need an audit on your cyber security efforts, a web or mobile app test, support with onboarding suppliers securely, or full DPO support, we can help:

Cyber Security Services for schools and higher education

  • Cyber Essentials & CE Plus certification
  • Cyber incident response – Assessment, training, planning and tabletop exercises
  • Cloud security reviews – Cloud security configuration assessments: M365, Azure, AWS and GCP
  • Supply chain security – Visibility of security risks in your supply chain
  • Firewall setting configuration
  • Drafting policies and procedures
  • Phishing and social engineering awareness training

Penetration testing

  • Infrastructure penetration testing – Internal and external
  • Web application pen testing
  • Mobile application pen testing
  • Vulnerability scans and assessments
  • Email phishing assessments
  • Configuration assessments

Data Protection & GDPR Support for schools and higher education

  • Named Data Protection Officer (DPO)
  • ICO registration – We'll register ourselves as your DPO with the ICO
  • On-demand support - phone, email & online access to your DPO
  • Breach response - Prioritised support if you suffer a data breach
  • SAR support - Help responding to data subject rights requests
  • DPIA preparation - Carrying out Data Protection Impact Assessments
  • Privacy notices - Reviewing & creating privacy notices
  • Policy creation – Privacy policy creation & supporting procedures
  • Employee awareness training
  • Data transfers - Data sharing, international transfers & processors
  • Legal support - Legally qualified specialists & solicitors in-house

ISO Consultancy

  • ISO 9001 & ISO 27001 consultancy gap analysis
  • Implementation of a complete Information Security Management System
  • Pre-certification assessment – We provide a sanity check and an independent and objective review of your ISMS
  • Internal audit – We can act as your internal auditor
  • Remote ISMS management – we can manage your ISMS after certification

Cyber security can be challenging. It’s becoming ever more complicated as organisations embrace mobile first, cloud and online led business models. These bring great benefits to education, but also result in new threats, additional vulnerabilities to manage and a larger attack surface.

Our team has supported schools and universities like yours, to meet their compliance requirements, assess their security posture, test their infrastructure, provide remediation advice and much more. Our aim? To take the heavy lifting away from you, so you can concentrate on the other critical areas of education.

Our Certifications

We are an NCSC assured service provider for services relating to Cyber Essentials, CREST accredited for penetration testing, vulnerability scanning and OVS certified. We are also certified to CE+, ISO 9001 and ISO 27001.

Trusted by Schools & Universities Across the UK

Outsourced Data Protection Solution for a leading Academy School in Herts:

“Following the initial work with Evalian, we’re confident we have all the processes and procedures in place but know we can contact our consultant for any issues that may arise where we feel we need more guidance. We’re free to manage our own processes but have support over email or phone from our consultant or the wider team whenever we need it.”Assistant Head Teacher, Ridgeway Academy

“We have been using Evalian for DPO services and have been impressed to date with the support and guidance we have received, such as complex subject access request - their flexibility and positive attitude has been a great help.”Head of Information Security Management, Oxford Brookes University

Contact Us
Contact us now for a friendly chat, we promise real-world advice and a pragmatic approach to your organisation’s cyber security requirements.

Email: and include the reference: EDUCATION