We're hiring for a range of exciting new roles - if you'd like to join the team, click here to learn more



Stay in the loop

Never miss a beat with the latest in VET news delivered straight to your inbox.

What to look for in an SMS when it comes to information security

February 11, 2022

Cyber security is an important topic for training providers, with cyber attacks having the potential to cause significant issues. Recently, ITECA highlighted the threats that providers in VET and higher education face by reporting they were called to assist an independent training provider that had been subjected to a cyber attack over the recent holiday break. The Australian Cyber Security Centre also noted that 67,500 cybercrime incidents were lodged with them last year, an increase of nearly 13% from the previous financial year, with some incidents involving tertiary education providers. 

There are some useful Government resources that training providers can use, including:

However, it's also crucial to use a Student Management System (SMS) with information security measures in place. 

Why should you use a cloud-based SMS?

We know that cloud-based systems are a key tool for successful training providers, due to benefits including increased flexibility, agility and accessibility for admins, managers, trainers and learners. 

But, we also know there are a number of cyber security threats that come with operations being on the cloud. Your chosen SMS (and LMS) provider should have measures in place to protect your data. 

What should your SMS provider be doing to strengthen cyber security? 

Your SMS provider needs to be committed to industry standards throughout the software development lifecycle and the incorporation of information security into each phase of this lifecycle. 
To achieve this, your SMS provider should have skilled staff that can deliver information security outcomes that are consistent with industry standards and expectations. This means having an Information Security Management System (ISMS), and continually maintaining and improving the ISMS to meet owners’, clients’ and legal requirements for information security. 

Why should your SMS provider be ISO27001:2013 certified? 

Your SMS provider should maintain the certificate of registration against ISO27001 for their ISMS. ISO27001 provides requirements for an ISMS to enable organisations to manage the security of information and assets, and those who have been entrusted with such information and assets. 

Essentially, being ISO27001:2013 certified means your SMS provider is taking a proactive approach to managing information security, and has confidence that information security risks are managed in line with industry best practices. 

What happens if there’s a data breach?

For any business, there is a chance that a data breach will occur. Your SMS provider should have a Data Breach Policy that outlines clear steps to deal with the incident. 

To learn more about aXcelerate’s information security practices, take a look here.

Overall, your SMS provider should ensure availability, confidentiality and integrity for your information security needs.

Did you know?

aXcelerate is Australia’s number 1 cloud-based Student Management System and Learning Management System. 

From starting out as an RTO, to developing our software and continuing to grow through many changes in the VET sector over the past 33 years, we’ve helped 900+ training organisations thrive with aXcelerate’s One System SMS/LMS solution.

Learn how we can help your training organisation here, or chat with us to see how we can work with your requirements and training management goals here

Want to learn more about what you should look for in a Student Management System? Check out these articles: 

Get the latest VET news and insights

VET moves fast. Stay informed, with blogs straight to your inbox.

Enjoy this blog? Please share using the buttons below