Cybersecurity Best Practices for Remote Learners
As so many students and parents navigate remote learning again this Fall, there is an abundance of helpful online articles providing suggestions on how to create designated learning spaces, minimize distractions, set schedules, communicate with teachers, and above all, keep a positive attitude (and perhaps an adequate selection of wine for mom and dad).
With students now spending the majority of their days online, it is never too early to teach cyber awareness to the next generation. Schools can help by mitigating ongoing cybersecurity risks and providing information security best practices within their distance learning plans. Some basic best practices for students that can also be shared with employees, are listed below:
1.) Think before you click!
Remind all students (and parents) of the risks associated with clicking links and opening attachments from unknown senders, and the need to verify the legitimacy of an email before responding or providing any information. With so much information being consumed daily from news outlets, public health agencies, and schools as their plans for the Fall semester are continuously changing, it is not uncommon for an anxious parent to quickly open an email that claims to be an update from their child’s schools without taking the time to carefully review and look for any indications of fraud. Schools should not be asking for sensitive information via email, so think twice before responding to emails requesting it.
2.) Keep ALL systems updated
With both the parents and the kids at home working and schooling on the same network, a failure or breach of one person will quickly spread to all the others on the same network. Encourage families to verify their home wireless routers, as well as the operating systems, web browsers, and applications on all devices used for remote learning are automatically installing security updates and software patches. Anti-virus and anti-spyware software should also be installed and kept up to date. Some colleges provide anti-virus software at no charge for students, faculty, and staff. Some schools may also be providing students with dedicated devices for remote learning, but many students are also using personal devices to access school materials, so it is important to keep those devices secured and up to date.
3.) Use secure Wi-Fi connections
Remind students and parents to verify their home Wi-Fi network is password-protected (and not with the default password!).Secure connections will keep strangers from easily accessing your network. Consider setting up separate virtual networks for each person or group (i.e. “work” network for parents, “school” network for the kids) to provide some separation.Even better, create separate virtual networks for your family and another “guest” one for friends or relatives who come to visit and need access.This way any malware on their device(s) cannot spread across the network and infect your family as well.
4.) Use strong passwords
Reinforce the need to create strong passwords and explain why it is important not to share passwords with anyone else. Use unique passwords for each website/application; if the same password is reused for more than one computer, account, or website, all of those systems can be compromised if one account is. For younger students, parents will want to be the ones keeping track of passwords and logging in as necessary.
5.) Check privacy and security settings
Review and adjust privacy settings on web applications, games, social media, and video-conferencing tools so student profiles are set to the strictest privacy setting, and check the safety and security settings on any new programs that are downloaded. Use parental controls to help block child accounts from accessing specific websites, applications, or functions. Parental controls can also help monitor a child’s use of connected devices and set appropriate time limits (although, I think we can all agree any guidance on the recommended amount of screen time has gone out the window in 2020!).
6.) Practice video conferencing
If students are Zoom-ing into class or using other video conferencing software, teach them appropriate online etiquette and practice the application controls including how to share camera, adjust the volume, view participants, and mute/un-mute (If I had a dollar for every time adults on conference calls fail to unmute themselves before speaking….well, perhaps we can all do our part to make the next generation more capable!) Also remind students that everyone can see them at all times so they need to behave appropriately.
7.) Preach the importance of online behavior
With younger children online much more than many parents previously allowed, it is important that they understand the implications of posting or sharing too much information. Tell them that anything they say online should be able to be said in front of their entire school, family, and church. Also be aware of the risks of cyberbullying, as well as potential online predators, and explain to your students the consequences of acting inappropriately online. It may feel like they are being “watched” less than in the physical classroom, but stress that they are still expected to act responsibly and to report any unusual behaviors or requests they receive online.
8.) Interact with students’ online environments
Parents should view and play with their kids’ online environment as much as possible in order to fully understand their online world. Knowing the web applications, games, and social media sites kids are using allows parents to make sure they are age-appropriate and are being used safely. Parents can also learn how to limit messaging or online chat and location-sharing functions, as these can expose students to unwanted contact and inadvertently disclose physical locations.
Additional guidance from our Offensive Security team below:
[Wallace]: Whether your remote learners are in a shared space, or their own rooms, help them to be mindful of what's in the background on video calls. Turn on the camera and take a good objective look at the space in open view. Practice good Operational Security by removing personally identifiable objects, and any sensitive data written or printed in the field of vision.
Along with practicing the controls for conferencing, ensure they have a good grasp on how to do some basic troubleshooting in the event that their peripherals fail, including Wi-Fi connections. Knowing how to check or replace batteries on wireless devices, re-seating headset connections, or changing devices on the fly will make for a smoother day for both you and your remote learner.
Also, don't forget to back up their important work regularly! Many of has have experienced the heartache of drive failure, at the most inconvenient of times. While some schools may be providing dedicated devices with services that automatically save to the cloud, not all remote learning platforms are the same. Ensure that your remote learner doesn't lose work by asking where important work is saved. If they are saved locally, provide a dedicated external drive or network device for your learner to back up important files to, and add it to their regular routine.