Importance of Securing Training Data

Lately, I have been thinking about the importance of securing data (in general) and the ethics around sharing this data. This applies to any instance of data, whether is social data, banking data, or in our more specific case, learning data.

We can define learning data as any information that is gathered when a person enrolls in a training platform, such as:

• Name

• Email Address

• Phone Number

• Course Enrollment

• Course Completion

It really depends on the training platform (LMS) to exactly define what kind of information to gather from the learners, but regardless, we can easily identify this data as being sensitive. So, why is it important to secure it?

Well, when the learners agree to share their information with the LMS, they consent to have the information stored within the platform, but very rarely they consent to have that information shared outside of the organization.

Sure, the data could be shared within different departments of the same organization for strategy and planning purposes, but when there is a breach and this data is exposed or is accidentally shared with third parties, the learners can be target of ads (as the most simple example) to phishing and identity theft.

To secure this data, it is important to have policies in place that prevent scenarios in which data is accidentally shared or the security is breached, but on top of that, security measures at a server level of the platform (IP whitelisting, SSH access) and platform login security measures such as password renewal policies and two-factor authentication, goes a long way to protect sensitive information.