Compliance Guide:
Good practice in Information Handling: Encryption

Before closing in March 2011, the UK public body Becta developed a number of good practice guides to help staff and contractors within schools, colleges and universities tasked with implementing data security and the protection of personal and sensitive data. These guides are based on the legal requirements set by UK law and on recommendations provided by the Information Commissioner's Office (ICO). Although Becta no longer exists, the guidance issued regarding encryption still stands as a balanced and realistic basis for any school or college needing to deploy and manage encryption within a sound security policy.
The ICO recommends that portable and mobile devices, including portable media and any other device or medium that is removed from, or accessed outside of, the physical secure space, should be encrypted to guard against compromise. It also recommends the secure deletion of any data no longer required and the encryption of data being transmitted electronically between systems and locations, such as when using email.
Part of this process is to assign an impact level to each type of data being handled. Impact levels range from impact level (IL) 0 - Not Protectively Marked, through IL 1 - Protect, IL 2 - Restricted, IL 3 - Confidential, IL 4 - Secret and IL 5 - Top Secret. In practice, the personal data that educational establishments handle will be impact level 2 or lower. IL 2 covers data that if compromised could "cause short term distress to individual, breach statutory restrictions on the disclosure of information, for example, credit card details or medical information".
| Becta Recommendation | DESlock+ |
| --- | --- |
| Portable devices (laptops) should be encrypted. | Full disk and file and folder encryption included. |
| Portable storage media (USB memory sticks, portable hard drives, CDs and DVDs) should be encrypted. | Removable media and virtual disk encryption included. |
| Any device storing data and used outside of the secure space should be encrypted. | DESlock+ Reader and DESlock+ Go (included) allow secure access to encrypted data on a home PC. |
| Any data no longer required should be securely deleted. | DESlock+ Shredder (included) securely deletes documents and the recycle bin contents. |
| Data transmitted between systems and locations should be encrypted. | Includes Microsoft Outlook plug-in for fully integrated encrypted email and attachments. |
| Encrypt IL2 - Protect data using a CESG CCTM certified or FIPS-140-2 validated product. | CCTM certified and FIPS-140-2 validated. |
