One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8577801 |
| Date de publication | 2024-09-16 10:00:00 (vue: 2024-09-16 16:17:04) |
| Titre | Relever les défis uniques de cybersécurité des plateformes d'apprentissage en ligne Tackling the Unique Cybersecurity Challenges of Online Learning Platforms |
| Texte | The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Online learning has expanded access to education across all levels. However, as beneficial as these platforms can be, they pose unique cybersecurity risks. Securing e-learning platforms will become increasingly crucial as more school systems embrace this technology. The Challenge of Securing Online Learning Online education’s vast amount of sensitive data is its most prominent risk. These platforms may hold information like student names, addresses and financial details, all of which make ideal targets for cybercriminals. Even more troubling is the fact that the average K-12 district uses more than 2,500 EdTech tools, giving attackers many potential ways to access this data. While not every educational technology is inherently vulnerable, the industry’s shift to digital solutions highlights its swelling attack surface. A single school might use multiple online learning tools, and an e-learning platform may host data from hundreds of schools. This puts a lot of sensitive information at risk. Securing these platforms isn’t always as straightforward as it may seem. Schools spend less than 8% of their IT budgets on security, with one in five spending under 1%. Those budgetary constraints make it challenging to implement the kinds of protections needed in many cases. It’s also worth considering that online learning’s primary users are students. As such, they lack the knowledge or experience to follow best practices. They also require seamless access, which may be at odds with stronger protections. Steps for Better Online Learning Security These obstacles make cybersecurity in online learning critical and challenging. School systems and their security partners can navigate this unique risk landscape through these five best practices. 1. Be Selective About Third Parties E-learning cybersecurity begins with choosing appropriate tools. The EdTech market is vast and constantly expanding, but not every solution offers the security schools need. Considering the sensitive nature of education data, they must be more selective about the third parties they do business with. Education IT decision-makers must verify online platforms’ security before partnering with them. That includes reviewing their breach history and only working with third parties that meet recognized industry standards for cybersecurity. It’s also important to ask online platforms about their supply chain security measures, as 75% of third-party breaches come through partners. 2. Implement Stricter Access Controls Online learning platforms must be similarly careful about insider threats. These risks are common in education, as student bodies shift frequently. New users must gain access and old ones lose it each year, making it easy to leave too many accounts with access to sensitive systems. Tighter access controls are necessary to address these risks. Requiring multifactor authentication (MFA) is a good first step but is insufficient by itself. IT administrators must also implement the principle of least privilege so even authorized users can’t access or affect all data. E-learning platforms |
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | 500 about access accessibility account accounts across adaptive address addresses administrators admins adopt advanced affect after all also alternative always amount annual another anti any anything apply appropriate are article ask assigning attack attackers attacks authentication author authorized automatically average balancing based basic because become becoming before begins beneficial benefit best better biggest bodies breach breaches budgetary budgets business but can can’t careful cases cause chain challenge challenges challenging choosing clear clearing collects come common comparing complacent complete considering constantly constrain constraints contains content context control controls cost course cover creating critical crucial current cybercrime cybercriminals cybersecurity cyberthreats data datasets decision defenses defined delete depth detailed details different difficult digital disenroll district does don’t each easy edtech education education’s educational effective embrace emerging emphasize employees endorse error especially essential even every expanded expanding experience exploited fact favorite financial finish first five follow frequently from gain gap giving good governance graduate greater grows harmed has have help highlights history hold host however human hundreds ideal ideally identifiable impact implement importance important include includes increasingly industry industry’s information inherently insider insufficient isn’t it’s its itself just kinds know knowledge lack landscape learning learning’s least leave less levelblue levels like lose lot maintain make makers making management many mapping market maximize may means measures meet mfa might minimizing more most moves multifactor multiple must names nature navigate necessary need needed needs new news not obstacles odds offers old once one ones ongoing online only organizations other over parties partnering partners party pass password penetration people period permissions personal personally phishing pii platform platforms platforms’ policies pose positions possible post potential practice practices prevent primary principle privilege privileges process prominent protect protection protections provided puts quickly ransomware reasons recognized regularly related reliable removing require required requires requiring resources responsibility reviewing revisit risk risks root safety school schools scrubbing seamless sector securing security see seem selective sensitive sessions set shift shifting should similarly single solely solution solutions soon specific spend spending staff standards standings starts step steps stop straightforward strategy stricter strong stronger student students such supply surface swelling system systems tackling target targets teachers technical technology testing tests than them these they’re third thorough those threat threats through tighter today too tools topics train training trends troubling under undergo unique updates updating use user users uses varying vast verify views visibility vulnerabilities vulnerable ways what when where which why will working world’s worth year young |
| Tags | Ransomware Tool Vulnerability Threat Technical |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.