Chike Patrick Chike, University of Maryland Global Campus adjunct assistant professor of cybersecurity, teamed with cybersecurity graduate student Olubusayo Ladelokun to discuss challenges related to online and hybrid learning—and outline remedies—during the Oct. 14 session of the university’s Cybersecurity Awareness Month webinar series.
UMGC has been a pioneer in online learning modalities for decades. The session offered a timely tutorial for the many other schools—K through higher education—forced by the COVID-19 pandemic to quickly adopt a blended e-learning approach that are new to navigating its inherent challenges.
Communication and access are among the key issues faced by students in an online or hybrid environment, according to Chike, who holds a Doctor of Science from Capital Technology University. “Gaps in learning may occur if students and professors fail to establish rapport and one-on-one friendly relationship with one another.”
He added other challenges that may arise include the elimination of office hours, a lack of timely feedback for students—and students’ own lack of effective communication strategies. Often, students who may thrive in a live classroom may lack the discipline or self-confidence to engage in online learning activities, Chike said. “Students who lack the maturity, commitment, self-discipline, skills and motivation may lag behind.”
Of concern also at a time when most students are learning online—the lack of access to computers and an internet connection. Chike pointed out that even students who do have suitable hardware may lack a stable connection or the necessary patches and updates to perform their work. Other technical issues may impede students’ ability to learn online. “[They] may experience difficulties logging into their school portal to access resources,” noted Chike.
Ladelokun, a UMGC Center for Security Studies scholar, enumerated some of the most common security issues that educators and students face in an online or hybrid learning world. Notably, those issues include deliberate software attacks, technical failures due to human error, deliberate acts of unauthorized access, and deliberate hardware failures.
He noted also that students without Internet access who use free Wi-Fi at cafes, restaurants, airports and similar locations to work on their assignments, risk exposing their machines and their university or other school networks to hackers and cybercriminals. Additionally, social media puts students at risk.
“Ubiquitous use of social media on campus enables the hosting and spreading of malware and viruses through social media sites, making it practically impossible to permanently block access to social media on a school’s network,” he said.
Chike and Ladelokun, who agreed that educators and schools face a host of challenges and attack vectors when delivering or receiving material in an online or hybrid environment, devoted much of their presentation to security-boosting recommendations.
Easy to implement tips for improving communication between teachers include enhancing instant messenger chat features to make communication more interactive, softening assignment deadlines to increase flexibility for students. and adopting a learning management system such as Blackboard to improve the educational experience, Chike said.
He offered, as well, several options that schools can take to improve access. They can boost e-learning through partnerships with internet service providers, enhance IT support teams to lengthen the time available daily to assist faculty and students, provide support for posting recorded Zoom sessions online for students to review, and develop a sandbox or thin client infrastructure for students to log on and engage in hands-on practice with information security tools.
“Schools may consider allowing library internet access to students while implementing social distancing rules and regulations,” Chike added, although that would depend on local COVID-19 regulations.
On the security front, Ladelokun focused his recommendations on ways to combat availability, authentication, and integrity and confidentiality attacks. “Using an IDS/firewall to detect attacks and providing regular backups will help prevent availability attacks,” he said, adding that biometric-based security mechanisms can mitigate authentication attacks, and digital signature algorithms can ward off integrity attacks by preventing data and other information from being modified. Confidentiality attacks, which display private and secret data to unauthorized users, can be countered by implementing digital rights management, strong cryptography mechanism and authorization, Ladelokun said.
Beyond the tactical, he and Chike asserted that institutions also must implement policies and training. “The internet is the backbone of e-learning, so establishing a strong information security management (ISM) policy with enhanced authentication and encryption techniques is key to security,” said Chike. Because students use advanced mobile devices and portable internet access systems with upgraded versions of operating systems that often infect the network, institutions must develop strategies to accommodate students’ learning without compromising security and privacy, he explained.
In addition, educational institutions must provide cybersecurity awareness training programs that highlight techniques for avoiding cyberattacks and data breaches. “They must develop other robust mechanisms to engage in continuous education without being encumbered by communication, access and security issues,” said Chike. “And they must deploy effective data governance mechanisms to prevent information leakage, data exfiltration, or data breaches.”