How can global workforces adapt?
By CyberArk
Online learning is in high demand with the pandemic. How can we ensure these platforms to upskill remain secure?
Be it fresh graduates or those going through a mid-career switch, online learning sites will be an important tool for finding some semblance of stability and hope in the midst of very uncertain times. But this surge in users brings greater cyber risks.
Here are the potential threats facing online learning platforms in this period, and what they can do to secure their sites and protect their users.
The rise of online learning platforms
Acquiring new skills, it seems, has become a big part of the new normal. Online learning platform Coursera welcomed 10 million new users between March and May this year, seven times more than what they had last year, reported The New York Times.
The pandemic only accelerated a wider trend that was already in motion, however. Jobs have been disappearing and changing for years now, thanks to technological advancements. Half of today’s job scopes can be automated just by adapting tech that we already have, according to consulting firm McKinsey & Company.
Some governments, like Singapore’s, are prioritising reskilling opportunities for citizens in their Covid response. Singapore announced in late May that it will channel more money to help businesses and workers cope with the impact of the pandemic. This includes expanding the capacity of a skills training programme for about 30,000 people.
Why cyber security is important
There are plenty of digital training platforms on the internet - governments from Singapore and Mexico have even set up their own portals for individuals to learn in-demand skills, and for employers to provide retraining opportunities.
With the surge in the number of users this period, these platforms may be more exposed to cyber risks than ever before.
In the world of cyber, with great numbers come great risks. The more users a platform has, the more vulnerable it is to hackers, experts say. Many of these online learning platforms use cloud computing and are open source in order to be accessible to as many as possible, making the surface of attack even larger.
Cyber security is especially pertinent for these types of platforms, given that its users range from government officials to big tech companies. Malaysia’s digital economy agency used them to teach businesses and government data science skills; a polytechnic in Singapore uses them to discover new teaching approaches; and Google uses them for workforce training. Such platforms are also important for fresh graduates seeking more training to land their first job.
These online learning platforms need to be easy to access and secure for its users, no matter which type of device they use. Employees attending company training would access the site through their work devices, which would likely have some sort of security measures in place. Fresh graduates, on the other hand, may be accessing these sites from their home networks and personal devices, which may not be sufficiently protected against cyber hacks.
When the pandemic hit, employees had to switch quickly to remote working and set up personal devices to access company networks. In the rush to get connected, there is a risk that employees are accessing sites through insecure devices, such as those that have been left in their default factory settings.
What’s more, there’s no room for second chances when it comes to cyber security. Once a service has been compromised before, it will be difficult to regain users’ trust. The Taiwan government has banned the use of Zoom across all its agencies after the video conferencing tool was hacked. Companies and schools around the world have imposed similar restrictions on the platform.
The solution
Online learning sites need to find a simple way to secure their resources, while remaining accessible to both the fresh graduate and the employee of a high-security company. With the large number of users, it may be trickier for security teams to keep track of what information each user accesses, as well as when and for how long the access takes place.
Tools to manage each user’s level of access on the site can help. For instance, CyberArk’s security tools alerts cyber response teams to anomalous behaviour, so they can quickly shut down a suspicious account’s access to other information on the learning platform. “The greatest risk organisations face is – contrary to popular belief – containing attackers who are already inside the system, not preventing the initial infiltration,” said Adam Bosnian, CyberArk’s executive vice president of global business development.
This means hackers won’t be able to reach the entire site’s network through just one account. The site doesn’t have to depend on the security of each user’s device to be protected from cyber threats. This is especially crucial for personal devices, which are not configured to restrict what files users can download.
Privileged access is the gateway to an organization’s most valuable assets and is at the core of nearly every major data breach. A good privileged access management (PAM) tool should be able to secure services whether they are in the cloud or on a local network. This is becoming increasingly important as companies shift to the cloud for storing data and building new services.
Privileged management – as part of a broader defense in depth strategy for endpoints – is essential for containing cyber attacks early in their life cycle. PAM allows organisations to efficiently remove and manage local admin rights and provide only the necessary levels of access for their jobs. This solution also enables flexible just-in-time access and enforce application control to keep remote workers productive and secure.
The world is currently going through one of the biggest shifts in the job market we’ve ever known, because of both digitisation and the pandemic. Individuals and companies alike will be turning to online learning platforms to help adapt to these changes, and securing these platforms will be crucial in protecting the masses.
Be it in the fight against the pandemic or cyber threats, the key is to remain vigilant and to plan for the long term. Find out more on how to keep your critical assets, workstations and remote users secure.