Newcastle Grammar School Meets Essential 8 Compliance with Clever MFA
Newcastle Grammar School is an independent school in New South Wales, Australia, serving students from primary through secondary school. Like many schools navigating a post-COVID digital landscape, the IT team—led by IT Manager Michael Browning—has been on a deliberate journey to modernize and harden its technology infrastructure.
With nearly a decade in the role and a team that has grown alongside the school’s ambitions, Browning has overseen a significant shift: moving from a bring-your-own-device (BYOD) model for all students to a managed one-to-one device program, starting with Year 7. At the center of that shift was a security requirement that had gone unsolved for years.
The challenge: Implementing MFA Without Secondary Devices
Multi-factor authentication (MFA) is a foundational requirement for any school working toward recognized security frameworks like the Essential Eight or NIST guidelines. For staff, implementing MFA is relatively straightforward. For students, it’s a different story entirely.
Newcastle Grammar has a policy where students, particularly in the younger year groups, are not permitted to have mobile phones during the school day. That means a traditional second-factor—like a one-time code sent to a personal device—simply isn’t an option. And even among students who might have a phone, many parents in Year 7 choose not to provide one at all.
As the school began planning its one-to-one device program, powered by Microsoft Intune and Autopilot with a strategic focus on Microsoft’s modern authentication, MFA became the critical missing piece. Without it, there was no path to leveraging Windows Hello or Face ID support, and no ability to meet the security maturity benchmarks the school’s board and cyber insurance auditors were increasingly asking about.
The Solution: Seamless Integration with Microsoft Entra ID
“We both went: why haven’t we found this before? This is exactly what we’re looking for.”
Clever’s MFA for students offers a visual secondary authentication method—students select a combination of images, such as an animal and a fruit—rather than requiring a device like a mobile phone. This approach works within the school’s existing policies and is accessible to students as young as Year 6 and 7 who may not own a smartphone.
Newcastle Grammar integrated Clever’s MFA directly with Microsoft Entra ID using conditional access policies. When students in Year 7 log in, they enter their Entra ID password, then Entra ID routes them to Clever for their second factor rather than the standard Microsoft Authenticator flow. This allows the school to use modern authentication—and unlock the features that depend on it—without requiring students to have personal devices.
The rollout for the initial Year 7 cohort of 120 devices was completed smoothly. Learnings from the first year group helped make the broader rollout even smoother, and the core system performed as expected.
The Results: Confident Compliance and Happier Students and Staff
Since deploying Clever MFA for their Year 7 cohort, Newcastle Grammar has seen tangible improvements across several areas.
The school’s third-party security operations center (SOC) previously flagged frequent alerts around student accounts showing sign-ins from unexpected locations, often due to VPN usage. With MFA in place, those alerts have decreased meaningfully. The SOC’s standard recommendation—ensure users have MFA enabled and change passwords if needed—is now something the school can act on rather than defer.
MFA also unlocked modern authentication in Microsoft’s ecosystem, which enabled Windows Hello and device-specific authentication methods like Face ID and PIN. These features had previously been out of reach because they depend on having a second factor in place.
Perhaps most importantly, the school is now able to confidently answer the security maturity questions that come up during board reporting and cyber insurance reviews. Questions about MFA coverage—once a gap—now have a clear, affirmative answer.
The school’s roadmap now calls for extending the program to Years 8 and 9 over the next two years as each cohort receives school-managed devices. Browning is also exploring expanding MFA coverage to primary school students and, eventually, the full secondary school population.
Looking Ahead
For Newcastle Grammar, Clever solved a specific problem that no other solution had—providing MFA for students who don’t carry a second device. But its impact has extended well beyond that single requirement. By unlocking modern authentication, it has enabled a more secure, more manageable device environment for students and staff alike.
As the school continues to expand its one-to-one program and work toward a hardened application environment, Clever Classroom MFA will remain a foundational piece of that security strategy—and a reason the school can meet the bar that boards, cyber insurers, and the Australian government are setting.
More to read
June 3, 2026
MFA by 2026: How Vita MAT Beat the Cyber Essentials DeadlineVita Multi Academy Trust needed an MFA solution that could work for pupils as young as Year 3 — without disrupting classrooms or overwhelming their IT team. By deploying Clever's Classroom MFA, the trust achieved Cyber Essentials compliance ahead of the April 2026 deadline while reducing IT support tickets and keeping learning time protected across all schools.
May 29, 2026
UK Primary School Switches to Clever for Secure, One-Click Access to AppsDiscover how Cornerstone C of E Primary School replaced risky shared logins with unique, secure credentials for every pupil, using Clever's single sign-on and Clever Badges to make classroom and home learning seamlessly accessible across all year groups.
May 29, 2026
18 Years of Manual Provisioning in Manitoba, Cleaned & Automated in MinutesPark West School Division's three-person IT team eliminated 18 years of manual account provisioning across 16 rural Manitoba schools — with Clever IDM making over 800 directory changes on day one and zero manual account requests ever since.














