Rule 1 - Security, Rule 2 - See Rule 1

It's almost impossible to do anything in technology nowadays without hearing about security risks. Your computer can get a virus, your cell phone can be hacked, the credit card swiper may have been tampered with...it's never ending. Some of these things you may be able to mildly ignore for a little while longer, but throwing caution to the wind when it comes to the security of your eLearning content, platform, and users is not something to take likely! 

When it comes to security, it's not necessarily about a "product", but more about policy and practices. I located a very interesting article by Najwa Alwi and Ip-Shing Fan (2010) titled, E-Learning and Information Security Management. This article is all about protecting your content, site and students. I recommend you read the whole thing, but I will give you the highlights here. 

There are 11 listed threats in the article, but when reading through them we can narrow them down into three general categories. 

1. Intentional mischievous attacks (hacking, viruses etc.)
2. Technical problems (System hardware failure, server problem, bugs etc.)
3. Human error (Making a change to the system that caused issues)

Take an intentional preventative course of action against all three of these, and you will at least have a head start on staving off problems. The first one may just flat out be bad luck, but you can do some things to help yourself safe. When it comes to hackers, they usually get in through a worthless password (usually "password" or "12345"). Don't even allow your users to use such passwords. You may have noticed a trend in online passwords that you have to use a capital letter, numbers, lower case letters, special characters and sometimes you can't have more that two matching characters in a row. I know it is tough to throw an exclamation point at the end....but it's the safe thing to do! There are settings within most LMS platforms that allow you to closely regulate what passwords will be allowed, as well as how often they should be reset. Set this stuff tight, it's a healthy dose of preventative security. 

Technical problems can be really tough, because you can't see them coming, and most of us mortal LMS users won't be able to do anything but call our LMS provider or host in a panic. Using a reputable provider with redundant servers and other fancy things that you and I won't understand is what we need to look for. Just ask them how they protect against the system going down, and then ask them to repeat themselves in English for you. 

Lastly, there is human error. The inevitable mistake of checking the wrong box, saving the wrong thing, overwriting something you didn't mean to do...or maybe not saving when you should have. From my experience, the best measure of control, is limiting access to the vitals to as few people as possible. The other measure of success I have incorporated is not allowing students to make account changes, and loading all student profiles through uploading an excel spreadsheet. I can very easily keep an excel spreadsheet with clearly labeled column headers. By keeping this on excel sheet, I can very easily make sure that all columns are filled in, and that they are filled in correctly. I upload new users on a weekly basis by building a spreadsheet based on a payroll report (how you get student data may vary wildly). I add columns to this report for password and user name, adjust their user groups as I need, and then I just upload the file to the LMS and all of these users are up and running immediately. 

Check with your LMS provider for the best way to get users uploaded, but all of them that I am aware of will work with excel spreadsheets, and many will work with CMR programs like salesforce.com. 

Be safe out there! 

Resources

Ribble, M. (n.d.). Nine elements: Nine themes of digital citizenship. Retrieved May 30, 2012, from http://www.digitalcitizenship.net/Nine_Elements.html