A Case In Point- The San Beda University Hack

On 4th June 2020, Rappler published an article detailing the hack on the San Beda university portal. Hackers defaced the school’s website in an attempt to get the attention of the school administration.

“Server Pawned. Greetings San Beda University! Do we have your attention now? We’re expecting from you. Don’t try to provoke us. This message may serve as a warning.”

That was the message that appeared on the official website. The defacement also included a seven-day grace period upon which “doomsday” would reign. In addition to the school website, hackers also infiltrated the official Facebook page and posted the same message. The website was later taken down.

Why Is Security A Necessity For Successful Online Education?

San Beda university is just the tip of the iceberg of how insecure online learning platforms have become. We all know how big the e-learning sphere has become. Statista forecasts the global e-learning market to grow to almost 400 billion U.S. dollars by 2026. This growth and popularity ushers in a new wave of cybersecurity challenges. 

Learning institutions should know that whereas spending a lot of money to build a reliable and learner-friendly portal is essential, having proper measures to protect your online education platform is equally important.

Measures to Secure e-learning System

With that said, we should now pay more attention to some of the tips and measures to secure e-learning platforms. Here are some of the tips you should consider:

  • Implement Best Password Practices

This might seem obvious, but strong and unique passwords are essential to secure your school system from cybersecurity threats. Hackers will first try to guess your system’s passwords before employing more sophisticated techniques to get into your school system. The weaker your passwords are, the more vulnerable an online learning platform is to attacks.

The remedy to the dictionary and brute force attacks is to use strong and unique passwords. In other words, system users must use complex passwords that cannot be guessed easily. When creating passwords, users should be encouraged to use multiple characters, such as letters, numbers, and symbols. 

This password policy should cut across all stakeholders who have accounts on your e-learning platforms. Tutors, students, system administrators, management, and other helping staff members should be encouraged to implement these password policies.

  • Install SSL Certificate

For optimum security, it would be best to encrypt all communications happening on your e-learning portal. You need to buy SSL and install it on your online portal for this role.

The SSL certificate is an encryption protocol that secures communications between web servers and users. All data transferred between students’ browsers (or other staff members) and the school system servers will be encrypted. Encryption means that even if the hackers access the files, they cannot read the communication.

The only person able to read and decipher the scrambled data in an end-to-end encryption tunnel is the bearer of the decryption keys. All you need to acquire these encryption strengths is an SSL certificate. 

You can choose different types of SSL certificates to secure your online platform. The choice of certificate you make will entirely depend on your website needs.

Find a tutor for this topic

Find a tutor
  •  CMS User Roles

Defining CMS user roles is another vital tip for a secure e-learning platform. Who are the stakeholders around your learning institution? How much access to IT systems do they require to perform their tasks? For instance, it would be ideal for a tutor to require access to curriculum materials and a bursar to finance systems. But what business does a tutor have with the finance system and a bursar with curriculum materials? None.

Access to various components of your e-learning platform should revolve around similar principles- limit access to only those who have business with a system. If you do not follow this direction, you should prepare to face insider attacks. And did you know that Insider threats have increased by 44%? Did you also know that 55% of organizations see privileged users as the biggest insider threat? The ball is now in your court. You either define and limit user privileges or fall victim to insider threats. That’s why privileged user management is important in our time.

  • User Administration

Whenever a member of staff leaves the institution or goes on leave, due process should be followed to revoke or limit their access privileges. Effective user administration is one of the most crucial methods to secure your online learning platform. Alongside allocating user roles, it would be best to keep close control over who can do what. Doing so will help to mitigate the risk posed by ex-employees.

  • Two-factor Authentication

We have already seen how passwords play a vital role in the security of your online learning platform. But hackers have also devised excellent and sophisticated techniques to bypass passwords. Two-factor authentication is an important measure to boost your authentication walls. 

Two-factor authentication adds a layer of security to authentication fronts. Hackers usually do not have access to the second authentication, making it hard for them to access the school system. For optimal security, ensure you leverage the second authentication factor, such as secret codes, one-time passwords, and biometric authentication factors.

  • Hosting Provider Security

Before choosing a hosting provider for your e-learning portal, you must ensure the provider has several security measures that will boost your school website’s security. The hosting provider should provide security packages such as SSL certificates to help your website security. You can check here for some of the most reliable hosting companies you can use for your school website.

  • Conduct Regular Security Assessments

Integrate regular security assessments into your workflow. To this extent, consider using a DAST platform. DAST platforms can act as a cornerstone for your e-learning system security as these automated tests can be scheduled on a recurring basis or incorporated into your CI/CD pipeline. This helps you understand the security posture of your application and also ensures you’re free of potential vulnerabilities during each update you make to the platform.

  • Use A Firewall Protection

You should consider buying and installing a firewall for your e-learning portal. The firewall acts as a real wall that stops fire from spreading to parts of your website. For instance, the firewall will prevent malicious traffic from reaching your servers. Additionally, when it comes to optimizing the functionality of your online platform, explore the best Shopify apps to ensure comprehensive protection for your e-learning portal.

 Conclusion

Managing the security of your e-learning platform is essential. Hackers are rampant on these streets and spare no school or healthcare facility. I have given you a head start on how you can improve the security of your school system. But ensure you also back up your data in case things go south and these measures fail to protect your systems.