Following the much publicised ‘WannaCry’ ransomware attack last month, and the more recent new stories emerging about a second attack dubbed ‘Petya’, we’ve found a lot of our conversations, both with clients and colleagues in the industry have centred around Moodle security.
In the education sector particularly, data security is an incredibly important issue. As more and more sensitive data is stored and accessed online, how can we be sure that we have sufficiently robust security in place to prevent unauthorised access?
In this post we’ve looked at some of the most common issues which should be addressed, focusing particularly on Moodle – although many of these observations apply equally to other web based systems.
Many cyber attacks focus on vulnerabilities within the code of a software platform. Once a vulnerability has come to light, the software author or vendor will usually release a patch – a small bit of code which can be applied to the software to fix the issue.
It’s important that schools ensure they are aware of the most recent security patches available for any item of software which they use, and that these are applied correctly and in good time.
In some instances, a piece of software may become outdated to the point where the author or vendor no longer issues updates or patches. An example of this would be Microsoft’s Windows XP, which has been implicated in some of the recent cyber attacks.
Schools should ensure that any software used is currently supported, and where it is not, the software should be upgraded or replaced urgently. Not all intrusions will be as visible as the recent ransomware attacks – attackers could be quietly accessing and stealing sensitive data without it being obvious to the users.
Titus Learning provides a complete update service to each of our clients, which includes the most recent Moodle security patches, ensuring all our installations are updated to the most secure version of their branch.
We also provide free major version upgrades as they are released by Moodle HQ, and can advise schools on the best time to upgrade to minimise disruption to the day to day use of the platform.
Of course, should something go wrong with your learning platform, whether due to a security failure or a hardware issue, it’s vital that the issue can be fixed as quickly as possible, and normal service resumed. Regular backups are crucial to minimising the disruption and loss of work caused by such a scenario.
Schools should ensure that a robust backup policy is in place, with backups stored in multiple locations, and that the backup and restore process is tested regularly.
At Titus Learning we take regular offsite backups which are stored at one of our UK data centres, or within our Amazon Web Services cloud infrastructure, as well as local backups to a server onsite at the school.
We’re always happy to address any concerns you may have about Moodle security, upgrades or backup. If you have a specific question, please get in touch with our team.