Friday, May 29, 2020

Securing The New Norm In Distance Learning

Securing The New Norm In Distance Learning

Spotlight

Phoenix Gas Starts Supplying Gas-Powered Gensets

Phoenix, in partnership with US-based Mesa Natural Gas Solutions, LLC, is expected to bring the first batch of its gas-powered genset units in the Philippines next month.

Celebrities And Influencers Join Love Plus Charity Foundation

These celebrities and influencers have stepped up and maximized their privilege by helping out during the COVID-19 pandemic.

DOTr Reiterates PUV Transport Protocols Under MECQ, GCQ

Department of Transportation reminds the public to follow the imposed health and safety guidelines for public transportation to prevent transmission of COVID-19.

SM Net Income At PHP9.0 Billion In Q1

SM Investments Corporation reports its first quarter net income stood at PHP9.0 billion, lower by 16% than the previous year, partially due to the ECQ.

Over the past few months, educational institutions around the world – from elementary schools to colleges and universities – have been forced to embrace distance learning. It’s now estimated that 70% of students are currently doing some form of online education.

For many of these institutions, this digital transformation to distance learning was thrust upon them—regardless of whether they were ready or not. Schools are scrambling to not only build the content for their courses but also to build the distance learning infrastructure needed to ensure all of their faculty and students have remote access to this content. The challenge they face is how to do this at scale and do it securely?

Unfortunately, malicious actors and cybercriminals are fully aware that for many organizations, these are uncharted waters. Educational institutions have long been a target by adversaries. According to the 2019 Verizon Data Breach Report, education continues to be plagued by human errors, social engineering, and denial of service attacks. And these changes only compound these challenges.

The movement to distance learning has created additional risk for institutions and created potential opportunities for the adversary. These criminals are more motivated than ever to steal financial information, intellectual property, or simply be disruptive.

Securing the Learning Environment

There are several simple steps every educational institution needs to consider implementing if they desire to set up and maintain an effective distance learning environment while keeping their cyber adversaries at bay. These include:

• Provide Strong Authentication

With advancements in hardware processing power, cracking passwords can be done in a matter of seconds. Which is part of the reason why there is a ton of stolen credentials for sale on the dark web, with more being added every day. It is essential, therefore, to enforce strong password policies (i.e., complexity, length, and expiration), enforce account lockout after failed attempts to prevent password guessing, and leverage multi-factor authentication where possible to prevent the misuse of stolen passwords.

• Protect Web Applications

Next to stealing credentials, exploiting vulnerabilities in applications is the easiest way for an attacker to breach your network. You must scan external sites for security flaws such as cross-site scripting errors and SQL injections. And it’s equally important to encrypt the traffic between your learning systems and your users, whether faculty, students, or administrators, so information can’t be stolen in transit. In addition, deploying a web application firewall (WAF) can protect web application servers and the infrastructure from attacks and breaches originating from the Internet and external networks.

• Leverage Network Segmentation

Another way to secure your environment is to segment your internet-facing teaching applications from your other internal applications, such as your HR system. This way, if a breach or malware outbreak were to occur, the scope of impact will be limited.

• Manage 3rd Party Risk

The third-party technologies that you use in your online learning environments can pose additional vulnerabilities and risk to your enterprise network. Whether it’s your learning management system or teleconferencing tools, regardless of whether they are hosted in the cloud or on-premise, you need to ensure you perform a thorough security assessment of the vendor and their products before introducing them into your network environment.

Monitor for Malicious or Unusual Activities

Organizations new to implementing distant learning will see a significant increase in devices and external network traffic connecting to their networks. The security staff needs to be aware of any unusual login attempts, unexplainable large data transfers, or other behaviors that seem out of the norm.

Knowledge is power in protecting against adversaries

Similar to how we teach our kids to learn and memorize basic math facts to tackle more complicated math problems, we need to ensure that faculty, students, and staff understand the cybersecurity basics to ensure they remain safe. No online course is complete without having some form of cybersecurity education on the syllabus. At a minimum, faculty, students, and staff should know how to:

• Protect Their Passwords

Ensure individuals use strong passwords that are not obvious, like your birthday, or default passwords provided with devices. Never use the same password on multiple accounts and devices. And never share a password with anyone – even individuals claiming to be on the IT team.

• Keep Their Devices Up To Date

Make sure devices and applications are updated with patches, and that any antivirus/malware software is current and operational.

• Spot Social Engineering Attempts

Everyone should be taught how to spot attempts to steal personal and proprietary information vial email (phishing), texting (smishing), and phone (vishing).

• Be Wary of Public Networks

Many public places, such as cafes, hotels, and airports, offer free internet connections to jump online easily. However, while they are convenient, they may not be secured. In addition, cybercriminals will often spoof these sorts of networks. So it’s essential to check with the establishment to ensure the network is legitimate, and when possible, use a VPN connection to access or transmit data. To that end, it is essential that any distance learning tools – both the front end used by students and the back end used by teachers – support SSL VPN and strong authentication.

As we engage in distance learning, we need to ensure that we practice cyber distancing to protect ourselves from the adversary. Taking control by following these standard security practices is one of the best ways to effectively move us securely into this new distance learning norm.

Photo Source: elements.envato.com

Latest News

Sen. Gatchalian: CBMS Law To Correct Inefficiencies In SAP Distribution

Gatchalian has urged the government to use the Community-Based Monitoring System (CBMS) Act to ensure efficient distribution of the Social Amelioration Program (SAP).

Mayor Joy To Strictly Implement Order On Wearing Of Face Masks In Public Places

Belmonte urges the public to wear face masks in public places following the study that universal masking flattens the curve significantly more than maintaining a strict lockdown.

Spox Roque: DepEd Ready For School Opening In August

Malacañang has expressed confidence that the Department of Education (DepEd) is ready for the scheduled opening of classes on August 24 despite the COVID-19 pandemic.

GrabCar Doubles-Down On Safety And Hygiene Standards With GrabProtect

GrabCar has released a set of guidelines for its passengers for the continuous enforcement of higher safety and hygiene standards for public transport in the country.

Home Cooks To Shine In Metro Channel’s Newest TV Show “Potluck”

“Potluck” is open to all home cooks at least 20 years old who would like to share their own recipes—from classic Pinoy favorites to fusion food and even quarantine-inspired treats and desserts! Read more of the mechanics here:

Gov. Defensor Jr.: Iloilo Is Now Preparing For MGCQ

Iloilo Province is already adjusting quarantine guidelines as its general community quarantine (GCQ) will end on May 31.

Surigao Sur Tribal Leaders Laud Progress Of School Construction

Manobo tribal leaders in the Surigao del Sur town of Lianga have commended the continuing progress of the construction of the indigenous people (IP) school in Sitio Simuwao, Barangay Diatagon.

Pres. Duterte Eases Community Quarantine Status

PRRD has placed the rest of the country under modified general community quarantine effective June 1.

Angelicum School Iloilo To Stop Operations On July

Angelicum School Iloilo announces suspension of operations starting July 31, 2020.

Lesha’s ‘Ciao, Bella’ Receives Solid Support Across Asia

Have you listened to this "Money Heist" inspired track yet?