Lohrmann, D. (2020) Online learning still struggles – especially with security, government technology, September 20

Eckhart, B. (2020) To use or not to use virtual private networks, Inside Higher Ed, September 18:

These two articles quite separately deal with a key issue in the use of online learning: security.

More secure systems needed

Lohrmann lists a number of cyber security attacks on both k-12 and higher education online learning programs:

Cyberattacks on school districts are nothing new….In fact, there have been nearly a thousand such incidents since January of 2016, according to the K-12 Cybersecurity Research Center.

Meanwhile, global cyberattacks against universities have been increasing. The UK’s National Cyber Security Centre (NCSC), a cyber arm of the Government Communications Headquarters, issued a warning in the past week about the scope and impact of these threats increasing.

Online learning pre-Covid was mainly a niche sector of education. The occasional security breach, while serious, was not so devastating. Now, though, when education systems are completely dependent on online access, the cybersecurity of systems becomes essential. It’s a sad reflection on the morality and lack of conscience of hackers that see value in interfering with the education of children and students, but it is a reality we have to live with.

Lohrmann notes that in the USA no national cybersecurity standards currently exist for the education sector, although has established a working group to help develop such standards for the start of the 2021-2022 school year.

In Canada, the Canadian Centre for Cyber Security Learning and Innovation Hub offers courses on basic, advanced and specialized topics in cyber security for employees of the Government of Canada and those who work on systems of importance to the Government of Canada, although this program is now suspended during Covid-19. GetCyberSafe is a national public awareness campaign to educate all Canadians about cyber security and the steps they can take to protect themselves online. 

However, I could not find anything about cyber security standards for education in Canada. It appears that this is being left to individual institutions, or at best, school boards. As I am not a specialist in this area, if anyone knows of national or provincial initiatives to protect the security of online learning in Canada, please let me know. If we don’t have such an initiative, we need one now and not some time in the future.

Online access for international students

Many institutions are now reaching out to their international students to deliver programs online, due to Covid-19. However, a good number of countries regulate or limit access to the Internet beyond their national boundaries, or monitor internet activities for security or socio-political reasons.

To get round this problem, some institutions have been issuing international students access to a virtual private network (VPN), which enables online privacy and anonymity by creating a private network from a public internet connection. VPNs mask your internet protocol (IP) address so your online actions are virtually untraceable. More importantly, VPN services establish secure and encrypted connections to provide greater privacy. 

However, this is not a good idea, according to Bob Eckhart. ‘Your students can get in trouble without realizing the severity of unlawfully entering forbidden spaces on the internet.’

Currently, a handful of governments either regulate or completely ban VPNs. Those currently include Belarus, China, Iraq, North Korea, Oman, Russia, and the U.A.E., to name a few. Still others impose internet censorship laws (such as Iran), which makes using a VPN risky. Thus by making students use a VPN, you are encouraging them to break national laws that often have severe penalties.

Ekhart has a number of alternative solutions:

  • create courses using national platforms (such as in China using VooV instead of Zoom, or QQ instead of an LMS)
  • avoid using applications that require lots of bandwidth, as Internet access can be highly variable (although that would apply equally well here in Canada)
  • use email, especially for student assignments.

Of course this may seem to be another reason for institutions to avoid delivering programs internationally online, but it should be noted that these solutions are often just as relevant here in North America as elsewhere. There is no single technological solution that works for every student. Technology standardisation saves money, but flexible solutions are needed where there is a great deal of variability in the system.

Also, cyber security is going to get more not less important for online learning. This is primarily an issue for IT departments, but all instructors have a responsibility for ensuring that their students are able to study online in a safe and secure environment. This means talking to your IT specialists before you go online. It also means being aware of the risks to students in countries with different standards regarding online privacy and security.

I will try to find a less depressing topic for my next post.


Please enter your comment!
Please enter your name here