Never miss a beat with the latest in VET news delivered straight to your inbox.
Cybersecurity is not the responsibility of one individual but the entire network of your RTO, working collaboratively to maintain and protect, arguably, your RTOs greatest resource. And with the new year in full swing, now is the best time to take a refresher on security skills and practices to avoid getting into strife!
Follow these simple tips to help minimise any risk to your training organisation.
Learning is always the first step. After all, how can you expect your team to protect your RTOs precious data if they are blind to the potential risks?
Create policies, documents and procedures outlining what is an acceptable standard when accessing data, emails and the internet. To ensure everyone stays updated, make sure all new employees are sufficiently educated on data safety during induction and regular staff take a quick refresher course every 6 months.
Does your Student Management System have a ‘Business Continuity Program’ (BCP) or Disaster Recovery Plan (DRP) in place? These plans and programs ensure a process is in place to prevent damage or recover data if it becomes endangered. If you’re concerned ask for the results of your SMS’s latest vulnerability test or you can ask for an outline of the current security processes they are employing to keep your RTOs data secure.
With high-risk programs set up a two factor-authentication. Yes, adding that extra step to your login process can be a hassle and eat up a little bit more of your time - but adding that added layer of protection could be the difference between compromised or secured data.
The easiest step that everyone in your RTO can take is to upgrade their password security practices and the best tools for this is a password manager. These tools can help keep your accounts safe by identifying weak passwords, improving them and managing them after you have changed them.
Technology may be slowly taking over every aspect of our lives, however, some of it still remains paper-based. For some generations, paperless data may be all they know. If you have younger generations working with you, they may not realise that they have just broken the Privacy Act by throwing that student's personal details in the trash - instead of the shredder. Similarly, mature generations may be more susceptible to phishing scams. Make sure your data security procedures cover all bases and generations.
Making sure that your software, operating systems and permissions are up to date is an essential step to ensuring that your RTO stays secure. An easy way to prevent these incessant updates from getting in the way of work time is by allowing your software and operating system to update automatically overnight or on weekends, preventing disruption of regular workflow and reducing the risk of data compromisation.
Stay across exactly which staff members and teams have access to which data. This comes in handy when access may no longer be needed for a particular user and credentials must be removed. You will know exactly which areas need reassessment.
Seeking some more simple password tips? Check out and share these 5 handy hints.