So, 90 days ago we issued a challenge to John Baker, CEO of Desire2Learn; Michael Chasen, CEO of Blackboard; and Ray Henderson, President of Blackboard Learn, to participate in an annual open security audit. Why? Because we believe that hiding security vulnerabilities in the LMS decreases the likelihood they will be repaired and increases the likelihood they will be exploited.
The ostrich algorithm is ignoring a problem in the hopes that it will go away.
They are keeping their security practices closed and secret. I wish I could say I was surprised, but I'm not. This is how legacy enterprise software companies usually behave, to the detriment of their customers.
We will kick off our second annual open security audit in Q4. We invite any and all education companies to participate. We think education should be open, safe, and secure -- and that corporations should be held accountable for their claims.