Att lära säkert - IT-säkerhet i Nätuniversitetets distansutbildningar

Abstract

The current higher education, both distance education and traditional campus courses, relies more and more on modern information and communication technologies (ICT). The use of computer systems and networks results in a wide range of security issues that must be dealt with in order to create a safe learning environment. In this work, we study the security status within the Swedish Net University, where several universities collaborate in order to offer ICT supported higher education distance courses. The total ICT-security is defined as a combination of computer security and information security, and the focus in this work is on the information security. The four main components of the information security that are used in the study are: confidentiality, integrity, availability and accountability. The data gathering was made in two steps: first preliminary interviews then the main questionnaire. The interview respondents were a small number of students, teachers and ICT-experts at various universities, and the results of this preliminary study were then used to complete the questionnaire. The main questionnaire was sent to approximately 700 students, 100 lectures and 50 ICT-pedagogues. The answers were analysed both quantitatively and qualitatively. However, due to a relatively low answering rate, we must point out that the conclusions made are based on these limited results, and are therefore not necessarily generally applicable within the distance education. The results show that both teachers and students involved in distance education consider that they have relatively good basic competence regarding the use of various ICT-resources. In addition, they consider that the computers and network connections they are using have adequate technical standard. However, the respondents also express a need for more information and training in various areas that are directly connected to information security issues. What is more, both students and teachers require that adequate computer support is constantly available. Several respondents have not developed procedures for backing up files in a regular basis. There seems also be some uncertainty concerning which measures should be taken in order to protect computer system from viruses and also what should be done if the computer is infected. Many teachers consider that the risk for cheating, especially for plagiarism, is greater in the distance education than in campus courses. These teachers also spend more time to prevent this problem in distance courses, and may have special procedures in order to detect plagiarism. Even if several security issues are indicated, most of the respondents consider that the general ICT-security in distance education has a relatively high standard. This may be a sign of some discrepancy between the users knowledge and their actual behaviour when they use the computer systems.