Are all LMSs Safe? Here’s What You Should Know
So the COVID19 pandemic has forced most schools around the world to shutter their physical doors and open their virtual ones. Parents and kids have tackled the hurdle of replacing the traditional schooling routines with online ones facilitated by learning management systems (LMS). What’s the next big issue in education? The Safety of these LMSs is undoubtedly the next big concern for parents who prioritize online safety for their kids.
Understandably, when the pandemic first struck, not much attention was paid to the security levels on LMSs when they were first being introduced as replacements for physical teaching. The priority was ensuring that the worlds’ children did not suffer too much academically as we all embarked on an era of physical distancing.
While education leaders around the world were busy acquiring and rolling out various LMSs, numerous dangers lurked online. This was nothing new though. All online activities are prone to security issues, LMS related, or otherwise. Some software and programs may be more secure than others but the landscape of the online world changes at a rapid pace and so do the competencies of those who use their knowledge of cyberspace for evil. Hackers are perpetually busy devising ways to breach firewalls and skip below online security protocols to access sensitive data and in the case of online child predators, get to children online.
Some of the security risks that LMSs (and by extension their users- your kids) face include:
- Cross-Site Registry Forgery
- Session Hijacking
- SQL Injection
- IP Spoofing
- ARP Cache Poisoning and MTIM Attack
- Cross-Site Scripting
And new dangers keep popping up as hackers and online scammers devise new ways to breach websites and platforms.
For many parents and educators, the urgency of ensuring that some form of education continues is no longer as powerful as a few months ago. The next big thing on the agenda is therefore online safety and finding solutions to questions such as are our kids safe while using these LMSs? What guarantees are there that parents can rely on? And what makes one LMS safer than another?
The first thing to note is that most LMSs have safety features written into their designs. At the very least, the LMS being used by your child should include:
A secure sockets layer (SSL).
This feature encrypts data to make it inaccessible to would-be hackers. You can tell if the site has an SSL by looking for a tiny green padlock at the top left side of the screen.
Established User Access and Roles.
This means that each category of a user in the network has boundaries in terms of the type of action they can embark on online. A student, for instance, cannot access examination results scoresheets that are not his.
Login and Authentication: the platform should require users to follow a log-in process (using established and user-specific passwords) and some form of authentication should happen at some point. This prevents users who are not members of the group using the platform from getting into the accounts.
An SSO (Single Sign-on).
This feature helps to mitigate against lost login information such as passwords by facilitating the use of the same login credentials on multiple platforms.
Of course, we all want that perfect foolproof online learning system for our kids. But alas, no perfect LMS exists, at least not yet. And so even with the basic security features mentioned above, design flaws and gaps in the technology open the systems to misuse and breach which in turn puts the users at risk. And as a parent, you need to be aware of these risks so that you can take the necessary steps to protect your kids online.
In essence, therefore, no LMS is totally secure but some have a higher level of security than others. The type and caliber of security features built into their design really determine the marks they get for security.
And since LMSs aren’t foolproof, parents must do their part to ensure that children are safe in the digital world. This includes installing a firewall and antivirus software, installing monitoring software to detect and prevent undesirable online interaction.