Security and privacy issues are some of the main concerns that universities and organisations have when entering the online learning space, and with the introduction of GDPR, the issues are even more salient.
How can we be reassured that the users accessing the online system are actually the students that signed up for the course?
Is it sensible to administer assessments online?
These are just two of the myriad questions those new to online learning may ask themselves. At the root of these questions is an issue of trust – people and organisations want to know that they can trust that their infrastructure and processes are robust and able to handle any kind of cyber threat, even if that threat is a student allowing someone else to do their work for them remotely.
Considering the huge investment required to take a course online (there’s the cost of the learning management system, the creation of content, the hiring of faculty and staff, and so on), it is not surprising that security should be high up on the radar. Having a secure online learning environment is seen by many as a way to secure the value and longevity of the investment made into the course.
However, since the information presented in online learning is, in most cases, available widely in one form or another through YouTube videos, easily accessible journal articles, industry case studies, and so on, the security concerns are around access of the materials and ensuring that learners are able to authenticate their identities, that data is back-upped and easily recovered, and that the learning management system is secure and stable. To that end, here are a few ways that learning organisations can ensure that their online learning environments are safe and secure:
Authentication: Does your learning management system support external identity providers, does it integrate with your organisation’s other systems, such as the admissions database or student support system?
Automatic updates: Do you automatically install security updates and service patches when they’re available?
Session security: To ensure the security of the data and the privacy of the users, does your learning management system use ‘https’ encryption and does all the inbound and outbound traffic use 128-bit TLS/SSL security?
Backup and recovery: Is your data and content backed up redundantly, and ideally every day? This is important so that if and when an emergency or disaster happens, the data is recovered from the servers.