Cyber security is an important topic for training providers, with cyber attacks having the potential to cause significant issues. Recently, ITECA highlighted the threats that providers in VET and higher education face by reporting they were called to assist an independent training provider that had been subjected to a cyber attack over the recent holiday break. The Australian Cyber Security Centre also noted that 67,500 cybercrime incidents were lodged with them last year, an increase of nearly 13% from the previous financial year, with some incidents involving tertiary education providers.
There are some useful Government resources that training providers can use, including:
However, it's also crucial to use a Student Management System (SMS) with information security measures in place.
We know that cloud-based systems are a key tool for successful training providers, due to benefits including increased flexibility, agility and accessibility for admins, managers, trainers and learners.
But, we also know there are a number of cyber security threats that come with operations being on the cloud. Your chosen SMS (and LMS) provider should have measures in place to protect your data.
Your SMS provider needs to be committed to industry standards throughout the software development lifecycle and the incorporation of information security into each phase of this lifecycle.
To achieve this, your SMS provider should have skilled staff that can deliver information security outcomes that are consistent with industry standards and expectations. This means having an Information Security Management System (ISMS), and continually maintaining and improving the ISMS to meet owners’, clients’ and legal requirements for information security.
Your SMS provider should maintain the certificate of registration against ISO27001 for their ISMS. ISO27001 provides requirements for an ISMS to enable organisations to manage the security of information and assets, and those who have been entrusted with such information and assets.
Essentially, being ISO27001:2013 certified means your SMS provider is taking a proactive approach to managing information security, and has confidence that information security risks are managed in line with industry best practices.
For any business, there is a chance that a data breach will occur. Your SMS provider should have a Data Breach Policy that outlines clear steps to deal with the incident.
To learn more about aXcelerate’s information security practices, take a look here.
Overall, your SMS provider should ensure availability, confidentiality and integrity for your information security needs.
aXcelerate is Australia’s number 1 cloud-based Student Management System and Learning Management System.
From starting out as an RTO, to developing our software and continuing to grow through many changes in the VET sector over the past 33 years, we’ve helped 900+ training organisations thrive with aXcelerate’s One System SMS/LMS solution.
Want to learn more about what you should look for in a Student Management System? Check out these articles:
VET moves fast. Stay informed, with blogs straight to your inbox.