Reputation is a precious resource for online Higher Ed. It drives your degree value and that drives revenue. Your school reputation online can be destroyed by criminals quickly in a breach. Because that causes scandal.
Criminals are one of the top causes of unwelcome publicity, fines and lawsuits. They get inside your system by impersonating others. Their goals may be financial aid fraud, cryptojacking, cheating, ransoms, records theft or just general mayhem.
Logging in as someone else is behind almost ALL data crimes. It only takes the right combination of username/PIN or password. That’s not much security.
Many student passwords are already available on the dark web for pennies. There are password cracking programs that can quickly grab weak passwords and defeat even the most complicated. Criminals have nothing but time. They constantly refine their methods. Do you work equally hard?
The only weapon against damaged reputation from online scandals is stopping imposters with identity authentication.
Authentication identifies the person, not the person’s device or what they type in a field. It sifts legitimate users from the criminals.
Stopping school reputation online threats typically takes two things.
1. Strong First Line Login Defense
You have to go beyond the username/password with another factor. Your choices:
· Something only the legitimate user IS, like biometric information (unique physical or gestural attributes) OR
· Something the user has or knows like their mobile phone (device) or answers to questions that only the real user knows
Unfortunately questions and answers are easily shared with others to cheat or engineered using public databases or social media. Devices can also be given to another person or stolen. The preferred authentication method is always biometrics.
Back end tools to detect potential impersonators are a must have.
Every action online leaves data behind. Fraud has various “tells” that a robust authentication technology can detect, for example:
· Logins from atypical IP addresses
· Logins using the same credentials from multiple IPs
· Logins that change historic usage patterns
No administrator looking at logs could possibly manage this kind of big data. It takes forensics to make sense of it and analyze what is a danger to your school. The goal is to identify atypical user behaviors when you can still do something about it.
If you can’t afford biometrics because of hardware costs, consider this. BioSig-ID is an authentication technology that can guard your LMS with biometric strength. It uses a smart password that students draw. Nobody else can forge the password because it’s biometric (drawing is a gesture unique to a person). Only the rightful user can login. It’s affordable and doesn’t require hardware or even downloads.
Benefits of authentication with BioSig-ID:
· Warns of potential grant fraud by flagging behaviors that indicate possible drop out
· Evidence of attendance which schools are required to do for compliance
· Reporting dashboard and real-time alerts that may prevent a severe breach
· Analysis of atypical logins which may indicate academic fraud
· Compliance with the latest identity requirements needed for new yearly audits – and accreditation
It only takes one negative story in the media to tarnish your school reputation online. And online that story lives on forever.
Maybe you think these activities are a cost of doing business and they happen to every school. Most schools now have measures in place to stop these crimes and protect their reputations.