How To Make Distance Learning Secure
Distance learning has become the norm for families across the country in the past few months as education leaders try to keep staff and students safe.
While we approach the fall season- and back to school, it is unclear how students and school boards will navigate distanced education or back to traditional school. Many districts across Canada are implementing a hybrid model in which students will be doing a mix of online distance learning and part time in-person schooling.
What does this mean for Secured-Distance Learning?
Adjustments are still being made on a reactionary basis as it pertains to distance learning and has proven to be difficult for some districts as faculty, students and staff may not have secure access and appropriate security to study and work remotely. This, coupled with lack of cybersecurity knowledge, is ultimately creating higher security risks. Additionally, many schools were without the proper distance learning infrastructure they needed and many didn’t even have enough safe devices to distribute to students.
What Can We Do To Keep A Safe Distance Learning Environment?
It’s crucial for school boards across Canada – and all over the world, to implement a strong security practice to create a safe online learning environment.
Secure Sense recommends focusing on a few key areas:
- Segmenting the network: Segment your internet-facing teaching applications from your other internal applications, such as your human resources system. This way, if a breach or malware outbreak does occur, the scope of impact is limited.
- Requiring strong authentication:Enforce strong password policies (i.e., complexity, length, and expiration), enforce account lockout after failed attempts to prevent password guessing, and use multi-factor authentication where possible to prevent the misuse of stolen passwords.
- Safeguarding web applications:Exploiting vulnerabilities in applications is the easiest way for an attacker to breach your network. Scan external sites for security flaws such as cross-site scripting errors and SQL injections. Encrypt the traffic between your learning systems and your users, whether faculty, students or administrators, so information can’t be stolen in transit. Deploying a web application firewall (WAF) can protect web application servers and the infrastructure from attacks and breaches originating from the internet and external networks.
- Monitor third-party risk:Additional vulnerabilities and risk come from the third-party technologies that you use in your online learning environments. Whether it’s your learning management system or teleconferencing tools, regardless of whether they are hosted in the cloud or on-premises, perform a thorough security assessment of the vendor and their products before introducing them into your network environment.
- Watch for nefarious or atypical activities:Educational institutions new to implementing distant learning will see a significant increase in devices and external network traffic connecting to their networks. The security staff needs to be aware of any unusual login attempts, unexplainable large data transfers, or other behaviors that seem out of the norm.
Education Is Key
Practicing safe and ongoing cyber security habits is the most basic way to stay safe and secure online. We’ve talked in the past about human error accounting for the majority of cybersecurity breaches, thus making security practices more important than ever.
Here are a few tips for educators and students to follow:
- Learn about and avoid social engineering attempts: Teach all stakeholders to spot attempts to steal personal and proprietary information vial email (phishing), texting (smishing) and phone (vishing).
- Practice good password hygiene:Teach all network users to use strong passwords that aren’t obvious, like your birthday, or the default passwords provided with devices. Never use the same password on multiple accounts and devices. And never share a password with anyone – even individuals claiming to be on the IT team.
- Keep devices updated:Regularly update all devices and applications with patches, as this is critical to protect you from the majority of exploits, and ensure any antivirus/malware software is current and operational.
- Be wise with public networks:There are many free public internet connections anyone can use to jump online. However, they may not be secured. In addition, cybercriminals will often spoof these sorts of networks. So, it’s essential to check with the establishment to ensure the network is legitimate, and when possible, use a VPN connection to access or transmit data. To that end, it is essential that any distance learning tools – both the front end used by students and the back end used by teachers – support SSL VPN and strong authentication.
How Can Parents Help?
Parents should always monitor their kids and be involved in their online life to ensure safe online behaviour. This includes teaching your child to:
- Not post their personal information like address, school information, or pictures without checking with a parent first
- Never meet up with people they meet online
- Be cautions when it comes to downloading software and only visiting trusted sites
- Not post or respond to hurtful messages
- Be mindful of phishing emails representing themselves as other people or organizations
As we keep moving towards a virtual learning, it is imperative that school systems are safe and capable of conducting classes online. The risk of cyber attacks has increased as moving to remote work and remote learning has become more common during the pandemic. Using best practices, as mentioned above, as a starting point will help keep environments safe.
Have any questions on other practices you or your organization can do to stay safe online? Secure Sense can help! With the help of our partners, we have developed secure remote access architectures that can be customized for your organization. Don’t hesitate to reach out to us at firstname.lastname@example.org to find out more about building your solution.
Head to the blog to learn more about how you can keep yourself and your environment safe from attacks:
Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how we can improve your organization’s security, our services or just want to chat security please give us a shout.