LMS Security: The Case Of TalentLMS

5 LMS Security Features Of TalentLMS

Security is one of the most important characteristics you should be looking for in a software product, especially one that runs on a publicly accessible server. Assuming, of course, that you care for your company's training data and your user accounts.

And yet, it's one of the easiest aspects to overlook when looking for a Learning Management System platform. After all, it can't be found in the feature lists and functionality matrices that people are usually fixated upon.

Indeed, the security that a software product offers can be quite difficult to evaluate.

In fact, there's a saying in security circles that says that “security is not a feature, it's a process”. While there's some truth in it (e.g. even the most secure systems will be easy pickings if your password is 123), there are certain features that a Learning Management System just has to have to be secure.

In this article, we're gonna examine what TalentLMS, the popular cloud based eLearning platform, has to offer in terms of LMS security, and how those features help keep the bad guys away.

Rolling Updates.
Security is a moving target. Unlike conventional software that needs constant maintenance by your IT department, TalentLMS, as a cloud based service, is constantly updated with the latest security fixes and enhancements by our product experts. This way all of our users are always running the very latest version, and any vulnerabilities can be patched within hours upon their discovery.
SSL.
The SSL protocol is the sine qua non (“thing that you just can’t do without” for those of you who slept during Latin) of internet security. Normal traffic between a webpage and a user's browser is unencrypted and as such readable by any prying eyes. SSL encrypts (mathematically scrambles) this traffic, so that only the webpage and the end users logged on to it can read it. You're probably already familiar with SSL, as it’s the technology that’s behind the “padlock” sign that tells you a website is safe for online credit card purchases. TalentLMS supports SSL natively, and lets you run your eLearning service in a safe, encrypted, manner, preventing other users in the same networks to read your users' data and passwords.
Safe Signup.
How do you know your users are legitimate users, real people interested in your service, and not internet bots run by scammers? TalentLMS makes it easy, by filtering the wheat from the chaff during the signup process. As the administrator, you have the option to make signup as easy (and relatively unsafe) or hardened (and extra safe) as possible, e.g. by disallowing direct signup and demanding an email verification step, enabling captcha, etc. For companies or organizations wanting to restrict access to their training service to their employees, TalentLMS goes one better, by allowing the administrator to restrict the email domains that can register to the system to a specific “whitelist”.
Passwords.
Any software system, says a security proverb, is only as strong as its weakest link. To prevent your users from being that “weakest link”, TalentLMS insists on good password policies from the start, such as putting a lower limit of 6 characters on password size, and reminding users to not use simplistic passwords on the account details page. After all, as we already said, it doesn't make much sense to ask for a secure system if your users use passwords such as “123”.
Watermarks.
While a strong secure codebase following best practices goes a long way in securing your training material, TalentLMS also goes beyond that to prevent users from stealing and/or sharing your content (as much as this is possible for content delivered online). All major document formats (like PowerPoint, Word, PDF, etc.) are converted to versions that can be seen online just fine but are non-downloadable (unless you explicitly choose to share them). TalentLMS, leveraging its conversion service, can embed your logo or a watermark of your choice directly within your eLearning videos in such a way that it cannot be removed (the same way that TV channels protect their exclusive reports).

Secure From The Ground Up

All of these high level features would matter very little if TalentLMS wasn't built to be secure from the ground up.

Our programmers are trained to follow best practices and identify and prevent all kinds of security issues from cross-site-scripting attacks to SQL injection and tons more besides.

And with tens of thousands of satisfied users worldwide and no security issues all those years, it seems like they're doing a mighty good job.