emPSN operates the principle of least permission access on the Internet firewall for all of the changes we implement. We encourage and recommend customers only open the ports and services they need (to or) from the Internet. Least permission reduces the chance of your firewall openings (rules) being used for the wrong reasons or services which they were not opened for. For example, allowing access to a specific Internet website directly vs allowing access to all websites.
To some this might seem paranoid or in some instances make changes a little more complex, but this does also offer you a level of protection to your network and users.
Some sites will have an amount of legacy configuration which might be permitting access to services you no longer use, or indeed allow access where it is not wanted. Some of this legacy might also not be least permission access so it is entirely possible that you have exposure to the internet you were not aware of.
emPSN recommends that customers regularly review firewall rules to ensure security is maintained for customer equipment and devices. To obtain a copy of your firewall rules please log a change with KCOM Change Control who will supply you with details – https://portal.kcom.com Where you manage a schools network this should be part of your (at least) annual task list.