How To Secure Your Online Learning Platform
It was 5pm on Friday June 3, 2011, when Distribute.IT co-founder Carl Woerndle received a call alerting him to a breach in his company’s network. Until then, the company -- founded in 2002 by brothers Alex and Carl Woerndle -- had been running just fine. Having built the reputation of their business over nine years, they now had about 30,000 clients. The June 2011 attack was something they would never recover from, however. After having to spend several 72 hour sessions trying to get their network back online, the Woerndles eventually came to the sad realization that there is no more hope for their business.
Now, it should be an obvious fact that practically no one is immune to hacking. The U.S. government has been hacked, Yahoo! has been hacked, LinkedIn has been hacked, and many other major sites and networks -- with hundreds of computer scientists and expert hackers, even these sites weren’t immune. In fact, according to top VPN review site TheBestVPN.com, more than 50% of Americans will get hacked online -- that’s at least 100 million people.
The point isn’t that you will be completely unhackable, it is that you can be so secure that hackers will need a highly sophisticated means to be able to bring you down -- for the average business owner, it just isn’t worth the effort! If you run an eLearning business, it is highly essential to pay attention to the following security tips that will help you secure your online learning platform.
1. Properly Educate And Orient Your Employees And Contractors About Security
Make it a duty to properly educate and orient your employees, contractors and anybody that will have any sort of admin access to your network, learning management system or control panel. In a lot of security articles, this particular tip -- which is one of the most important -- is usually left out.
Every major hack or security breach can be traced to an insider being compromised -- whether intentionally or unintentionally. In the case of Distribute.IT, the hackers identified a vulnerable employee, installed a key logging malware on the employee’s computer and then used the laptop’s secure VPN connection to access the network.
Educating people with admin access involves letting them know about things that can bring about security risks, as well as encouraging them to install security software that will raise an alarm and take corrective action if their computer is compromised.
This is especially important if you have a BYOD policy, in which employees and contractors are allowed to bring their own device to the workplace and access the control panel through their device.
2. Have Strong, Multiple Backup Systems In Place
If Google, Yahoo! and the U.S. government can be hacked, it goes without saying that no one is 100 percent immune to being hacked.
Perhaps the most important security measure you can take to protect your online learning platform is to have strong and multiple backup systems in place. You should expect that you could be the target of a well-resourced hacker one day or the other, so don’t joke with your backups. Institute a system that creates a local backup of your system as well as cloud backup to several backup solutions on a regular basis. This way, if things come to a head you can get back running with your backup in no time.
3. Enable And Encourage 2-Factor Authentication
One of the major issues you have to deal with when running an online learning platform is a user being compromised; no matter how hard you try, especially if you have a lot of people on your network, a user is bound to get careless. With major websites being hacked every other day, a user doesn’t have to be personally hacked for someone with malicious intentions to get hands on his or her login information; this is because many people use the same login for several sites, making them vulnerable on all sites they use even if just one was hacked.
A good way to mitigate this risk and reduce the chances of compromised user details is to allow and encourage -- if possible make mandatory -- the use of 2-factor authentication. This way, even if users of your platform are hacked and an hacker tries to login, they will still need to authenticate with a code they can get through their mobile devices before their access is confirmed, thus making their login information practically useless in the average hacker’s hands.
4. Keep Up With Patches And Updates For Your Learning Management System
Online technology is evolving really fast, and hackers are not sleeping either -- if the last time you updated your learning management system was a year ago, then you should brace yourself for a hack in the near future. If you use an LMS that is barely updated, especially if it has been known to have security breaches in the past, perhaps it is best that you look for an alternative.
Always keep your Learning Management System up to date; often, security updates and new releases are rolled out to fix bugs, and updating as soon as an update is available can save you a lot of headache later down the line.
