Thank you for Subscribing to CIO Applications Weekly Brief
Why Education Providers should Focus on Cybersecurity?
In addition to data privacy concerns, with students and faculty utilizing personal devices to log in remotely, user compromise and ransomware are two of the most common cyber security issues among higher education providers.
Fremont, CA: The global shift toward online learning, accelerated by the Covid-19 pandemic, is having a significant impact on educational institutions all over the world. Whether educational institutions have completely shifted to online learning or are using a blended learning approach, one thing is certain: eLearning is here to stay.
Because of the rapid adoption of educational technology, educational providers are now exposed to a broader range of cyber security risks. In fact, in a recent survey of educational providers in Australia, the agency Vector Consulting discovered that more than 75 percent of respondents believed that their institution's cybersecurity needed improvement because a security breach can cause not only financial and regulatory damage but also brand reputational damage, resulting in a loss of trust from staff, learners, and potential students.
1. Data Hygiene
When asked to rank the importance of various datasets, 80 percent of respondents to Vector Consulting's survey ranked student data as the most important to protect, owing to its sensitive nature and the fact that it is typically the largest dataset that institutions guard. Poor data hygiene is one of the other top risks of educational institutions, with so many students and staff learning from remote environments, as remote learners and staff send each other unencrypted documents containing personal information via unencrypted emails or messaging apps.
While it is assumed that educational institutions will adhere to data protection legislation such as the European Union's GDPR or California's CCPA, institutions must also have complete control over their data. This includes the ability to choose how and where their data is stored, whether they use their own resources for hosting and support or hire external service providers. Such adaptability is almost certainly possible with open source platforms, where, unlike most proprietary software, the choice of product is independent of the choice of hosting provider.
2. Cyber Security Threats for Educational Institutions
In addition to data privacy concerns, with students and faculty utilizing personal devices to log in remotely, user compromise and ransomware are two of the most common cyber security issues among higher education providers. ICT teams at educational institutions should address issues like phishing attacks and threats to release private data accessed by hackers by enabling multi-factor authentication in their LMS, encrypting data, and performing regular backups. More information can be found in these Security Tips from Moodle's Application Security Engineer, Mick Hawkins, who shared best practices for Moodle administrators to ensure that their Moodle installations are as secure as possible.