Cybersecurity Awareness Month: Expert shares safety tips

Thursday, October 08, 2020

cybersecurityPart II: Ensuring cyber safety in virtual classroom

NOTE: In observance of Cybersecurity Awareness Month, Mercyhurst University Assistant Professor of Cybersecurity Dr. Christopher Mansour shares ways to safeguard students’ information when learning takes place in the virtual classroom. Although he primarily addresses parents of young children and adolescents in this report, it is a resource for any student engaged in remote learning. This is Part II in a series.

As always, start with a strong password. Parents should ensure that children’s passwords follow their respective school’s guidelines for creating a secure, random password that will be difficult for hackers to guess. If the school does not specify password guidelines, create a strong password yourself, preferably 10-12 characters, which is unique and not shared on other accounts. Research “password managers” if you need assistance. 

If possible, use two-factor authentication by sending a code via text message or phone call to access your account. This provides a second layer of security.

Second, most virtual classes are now using Zoom, an online video conferencing platform. One concern with Zoom is what is called “Zoom Bombing,” which occurs when a session is hijacked by someone who inserts material that is obscene, racist, or otherwise offensive in nature. To avoid Zoom Bombing, you can disable file sharing on your Zoom settings so that you will not receive unsolicited materials. 

If your student is presenting rather than receiving information, make sure to follow these six steps to avoid Zoom Bombing:

  1. Protect your meetings with a password.
  2. Do not share your meeting IDs with anyone other than intended participants.
  3. Use waiting rooms where you can admit participants.
  4. Stop participants from sharing their screens by default; as a host you can control that.
  5. Lock the meeting after it starts.
  6. Turn off file transfer.

Third, beware of social engineering and phishing attacks, both of which pose a major security risk to schools. These scams trick users into making security mistakes or giving away sensitive information. Students, teachers, or staff members who are manipulated into clicking on malicious links can provide cybercriminals access to the school’s network and precious resources as well as private information. 

The best way to counter social engineering and phishing attacks is through awareness and vigilance. If you or your student are unsure whether an email request is legitimate, verify it by contacting the teacher or the school. Make that contact using information provided on the school’s website, not information provided in an email.

Additionally, ensure your email security is current and that you have advanced protection for all your devices and systems to protect against malware, ransomware, exploits, and viruses.

Fourth, secure your Wi-Fi network at home by confirming that the router is using a strong password, firmware is updated, and router’s admin credentials were changed from the original factory settings. Turn on the router’s firewall. 

If the school issued your student a computer, use that computer only for schoolwork as the IT department would have configured it with the appropriate security measures. If your student uses a device that you purchased, make certain the computer is updated with the latest software, which ensures it has the necessary patches against any vulnerability. Furthermore, consider installing a filter profile on home devices to safeguard your children from inappropriate content.

Fifth, beware of cyberbullying, which can occur anywhere students view or share content. Some of the common places that cyberbullying occurs are Facebook, Instagram, Snapchat, Tik Tok, text messaging, online chatting, email, and online gaming. 

Cyberbullying is one of the leading causes of depression among teens and young adults and something parents should monitor vigilantly and report to the appropriate authorities.  

In summary, parents: be sure to monitor your students’ activities on their learning management system and online in general. Check whether they are attending their classes, doing their homework, and look for any signs of bullying or being bullied. Do not overshare information online. Talk to your children about the importance of not sharing their passwords and of not believing everything that they see online unless provided by trusted sources.