3 Ways to Improve Online Learning Security

eN
eschoolmedia
Oct 6, 2020
cyber attack cybersecurity online Online security Policies security training

Over the last weeks, students, professors and caregivers alike have adjusted to the modern-day classroom – many of which consist of a full or hybrid online learning model. This virtual shift brought on by COVID-19 comes with many unique challenges, and one of the most concerning is ensuring optimal online learning security across new and emerging technologies.

Educational institutions across the country have rolled out new technologies to accommodate virtual learning options, ranging from video conferencing tools to educational mobile applications. But, more often than not, deploying these solutions is based first and foremost on convenience and accessibility, with online learning security falling by the wayside.

Related content: Why security experts are concerned about online learning

Making matters worse, today’s sophisticated cybercriminals are well aware of the opportunity presented by online learning, targeting their attacks accordingly. In fact, recently, the Humble Independent School District in Texas suffered a cyber attack during the first day of online learning, disrupting the district’s servers and causing students and teachers to resort to offline measures. Given today’s complex, evolving threat landscape, this may not be the only instance we hear of malicious actors taking advantage of vulnerable online learning systems and software.

With current and future educational systems in flux, with long-term repercussions expected, students, educators, and IT teams should follow these steps to bolster online learning security.

Implement simple steps first

Before diving into the curriculum, ensure that online learning security basics are covered on various devices, including all software and applications. To begin, consider using a Virtual Private Network (VPN), which can enhance the security of a device being used for online learning. The main benefit of using a VPN is that it can turn any system into an anonymous machine that’s harder to track online while encrypting the data that flows in and out. As a result, users can rest assured data is secured as they share it back and forth between students, educators and additional staff – regardless of where they’re stationed.

A recent survey revealed that as a result of COVID-19, 44 percent of consumers have been forced to use new video conferencing tools (e.g. Zoom, Microsoft Teams) and 19 percent have been using new online learning (e.g. Google Classroom) apps. Before downloading such software, take a moment to read through the end-user license agreement (EULA). How will the software vendor be collecting, using, and storing data inputted into the application? Is it made clear? If not, then there’s a strong case to push back on the school district, explaining why it’d be unsafe for all to use such software.

Additionally, it’s important to stay current with all software updates. It can be easy to skip software updates because they can take a few minutes of time, but ignoring them creates an open door for cybercriminals to access information due to existing security gaps. However, don’t be fooled into updating software applications from counterfeit websites. When in doubt, open up the applications themselves and follow the instructions directly within.

Increase vendor vigilance

With students and educators using more electronic communication tools this school year than ever before, cybercriminals have an expanded attack surface on which to capitalize. For this reason, it’s critical for school districts and their corresponding IT teams to conduct proper due diligence when it comes to vetting the new software vendors they’re working with and new platforms they are adopting this year.

Key components to take into consideration and questions to ask include:
● Audit vendor certifications: Is the vendor certified with industry-standards like ISO-27001, SOC 2 or SOC 3? These third-party certifications are highly regarded in the technology industry, and a quick online search for the vendor’s certification history should yield the results needed for an initial inspection.
● Evaluate application security testing: An important question to ask is, does the vendor perform regular application security testing (AST) like penetration testing or static code analysis (SAST) as part of their product’s release criteria? Will they share that report and the findings with the school district’s IT team, to then disseminate onto educators and caretakers, so everyone is aware of any potential security gaps in real-time?
● Consider the security incident policies: Lastly, it’s important to plan for the worst – a security incident. In today’s digitally-connected world, it’s only a matter of time until every organization falls victim to an attack. So, if something does happen, what are the steps that will be taken? What is the vendor’s security incident policy? When and how will schools be notified if a breach happens? What is their mitigation strategy? These, and many others, are all questions that need to be answered before an incident actually occurs.

Overall, the security of a platform should be just as important as its cost, ease of use, and availability when selecting what to use and share amongst educators and students.

Demand policies & regular trainings

If a school district has not communicated cybersecurity best practices to students, caregivers, and staff, it’s time to be proactive about it. Demand an easy-to-access policy of recommended online learning security measures — then physically print it out and virtually bookmark it, regularly referring to the document throughout the semester. For newly-deployed software and technologies, develop separate best practices lists that not only explain how to get started using the platforms, but also how to do so in a secure manner.

Additionally, school districts should ensure regular cybersecurity training across all functions, from the principal to the part-time tutor, which should cover how to communicate safely, top indicators of malicious spam messages, and more. Training isn’t a ‘one and done’ activity; it should be done regularly throughout the semester, especially given how unique the current situation is to students and educators. Penetration testing should also be carried out both on new and old software alike to identify potential security gaps and remediate the issues before attackers have a chance to cause havoc.

This school year is a unique, challenging situation, but with a few proactive measures, increased vigilance, and proper protocols demanded from the top, a more secure online learning environment is something we can all strive to achieve.

Follow us on social media for the latest updates in B2B!

Image

Latest

pcp
PCP Attribution Analysis
May 22, 2025

Dr. Sam Ambewadikar, RVP and Medical Director at Anthem National Accounts, joins Brent to unpack the power of primary care attribution analysis—a tool he helped pioneer to spotlight the clinical and financial impact of members not having an established PCP. Drawing from his background as a practicing pediatrician and claims analytics leader, Dr. Sam shares…

Read More
sydney health
Sydney Health Demo
May 22, 2025

In this episode, Christina Firouztash, Executive Advisor of Digital Solutions at Anthem, gives a dynamic walkthrough of the Sydney Health app—Anthem’s flagship digital member experience. Christina showcases how Sydney delivers personalized, simple, and equitable navigation across benefits, including virtual care, pharmacy, financial transparency, and social services access. From contextual chatbots and ID card access to…

Read More
pharmacy
Pharmacy Part 1
May 22, 2025

In this episode, Brent chats with Katie Brennan, National Sales Director at CarelonRx, about making pharmacy benefits more accessible, consistent, and member-friendly. Katie spotlights Carelon new advanced home delivery model, which brings the pharmacy counter—and the pharmacist—into the member’s home. With fewer retail pharmacies offering extended hours and many patients lacking reliable transportation, CarelonRx is…

Read More
inclusive care
Inclusive Care
May 22, 2025

Sammy Gonzalez, Regional Vice President at Elevance Health, joins Brent for a deeply personal and impactful conversation on health equity and inclusive care. Sammy shares a powerful story of medical misdiagnosis tied to cultural assumptions, underscoring how bias—even unintentional—can hinder care quality. He highlights Elevance’s work to improve diversity in provider networks, enhance cultural competency,…

Read More
Related
generative AI tools
Software & Technology
Generative AI tools Is Taking On the Tedious Tasks—Freeing Teachers to Inspire, Mentor, and Elevate Student Thinking
May 21, 2025
AI
Healthcare
AI in the Classroom: Why AI-Powered Personalized Learning Might Not Deliver on its Promise
May 19, 2025

AI is everywhere—and it’s evolving rapidly. From predictive algorithms to large language models like ChatGPT, artificial intelligence is reshaping how we work, communicate, and learn. As schools explore AI in the classroom, educators and researchers are asking: Does AI really understand us? Or are we projecting human-like thinking onto systems that are fundamentally different? The…

Read More
healthcare staffing crisis
Healthcare
A Skills-First Model Without Student Debt: How MedCerts Is Tackling the Healthcare Staffing Crisis With Tech-Driven Training
May 16, 2025

A growing healthcare staffing crisis is forcing institutions to rethink how the next generation of clinical talent is trained. A study by Mercer and Lightcast, cited by the American Hospital Association, projects that the U.S. could be short of as many as 100,000 critical healthcare workers by 2028. This urgent gap is pushing innovators to…

Read More