Since the onset of COVID-19, online learning has been transformed into a standard part of the school day for students and teachers around the globe. While virtual learning may help schools safely continue operations during the coronavirus pandemic, the framework does pose new cybersecurity risks as students and teachers log into the virtual classroom. Tuesday is National Online Learning Day, and to mark the occasion, we’ve highlighted a roundup of cybersecurity best practices as schools use a combination of hybrid and in-person learning in the months ahead.
“The reality is that [National Online Learning Day] has taken on a far greater significance in the past 18 months since the world began dealing with the effects of the COVID-19 pandemic,” said Mathew Newfield, CISO at Unisys. “While the hybrid or virtual model for schooling remains a reality for many families, either by choice or by circumstance, it also brings with it expanded cybersecurity risks, both for our nation’s children and their family members who are working from home.”
Cybersecurity tips for online learning
During the coronavirus pandemic, many remote workers have also served as caregivers for other members of their households, including students learning online due to COVID-19. While juggling remote work responsibilities or as workers return to the office, it’s not always possible for adults to oversee their child’s online learning or web surfing behaviors. Situationally, Newfield suggested parents seek software support.
“If a parent is unable to fully supervise a child while they’re doing school work, there is ‘nanny software’ that people can invest in that helps monitor what their families are doing,” he said. “This software can be used as a lesson to teach kids what websites are or are not appropriate as well as provide a regular report on a child’s online activity.”
Additionally, Newfield said students should verify all of their hyperlinks by looking at the URL domain and use search engines to independently verify links if they have any doubts. Students can also use their mouse arrow to scroll and hover over links before clicking to make sure this link is taking them to the appropriate webpage, he said.
SEE: Security incident response policy (TechRepublic Premium)
Enabling network security has been a primary focus for organizations shifting to remote operations, as students and employees log into the virtual classroom on their home networks via a mixed bag of personal and school-provided devices. On this topic, Newfield recommended households secure their hardware using patching, latest firmware updates and learning about model-specific security risks to protect their devices and home network.
Additionally, he emphasized the importance of changing default passwords and using the standard best practices (a mix of upper- and lower-case characters as well as numbers and special characters) when updating these passwords.
“The basics of password management and proper cybersecurity hygiene should ideally extend beyond the home and into the classroom,” said Katie Petrillo, director of product marketing for LastPass. “Children should be taught that while the internet is an accessible and useful tool, there are many potential dangers.”
Password managers are a popular option for people juggling multiple platforms, user IDs and passwords throughout the day. Rather than going about these individual logins piecemeal, a password manager acts as a master key of sorts to securely enable access. To assist with remote learning, Petrillo said password managers should also feature “added regions and language tags to allow users to navigate with screen readers and keyboards.”
Home learning environments and communication
The location of a home workstation is an important consideration for parents looking to minimize distractions such as television, toys and pets during the school day. However, these proximal considerations could also help boost cybersecurity. For example, Petrillo suggested placing the computer in a “highly visible area” such as the family room or kitchen, on top of setting internet browsing limitations and “being open with children about the dangers of sharing sensitive information.”
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
While older students may already be privy to the latest cybersecurity best practices when learning online, younger students may need a bit more coaching ahead of the virtual school day. There are a number of strategies parents with younger children can use or teach to help elementary students learn online.
“It’s important that families keep an open mind and keep the discussion lines open when it comes to working with young children doing their schooling at home,” Newfield said. “In particular, it is imperative to establish clear boundaries about what is expected, as well as educating them on the cyber risks they might face in a way that is relatable to them.”
To accomplish this, he suggested parents explain to children that devices used for the school day are their “work system” not a “play system” and are intended for only school use, as well as broach conversations with children about cyber safety.
“It’s important to build trust so that if your child is concerned about something they see on the internet, they can ask you without fear of reprisal,” Newfield said. “Help them understand the dangers that can come with being on the web, and don’t be afraid to ask them if they’ve come across anything out of the ordinary online.”
While many schools have returned to in-person learning in recent weeks, some schools have been forced online due to surging cases spurred by the delta variant. At the same time, many professionals are still operating remotely to mitigate the spread of COVID-19 at the office. That said, in the age of remote learning and hybrid work at scale, protecting the home network goes well beyond the virtual classroom.
“As our reliance on technologies like home Wi-Fi has increased, so has the number of criminals seeking to exploit vulnerabilities in unsecured Wi-Fi networks and/or the number of devices connected to it,” Newfield said. “In short, every single person in your household needs to keep your cyber defenses up, whether it’s for work or school.”