OpenOLAT handles course management, assessments, and collaborative learning content. Harden Java stack updates, role permissions, and exam-related workflows.
¶ 1) Secure authentication and admin boundaries
- Integrate enterprise SSO and enforce MFA at IdP.
- Restrict global admin and institutional manager roles.
- Review course-level rights for coaches and tutors.
- Rotate service credentials for integrations.
¶ 2) Protect assessments and content
- Restrict who can create/edit exams and grade schemas.
- Limit public access to course materials and exports.
- Enforce upload restrictions and scan submitted files.
- Audit grade changes and exam result corrections.
- Keep OpenOLAT and JVM patched on schedule.
- Keep database and search/index services private.
- Enforce HTTPS with secure transport settings.
- Encrypt backups containing learner and grade data.
- OpenOLAT documentation wiki: https://www.openolat.org/wiki/index.php?title=Main_Page
- OpenOLAT source repository: https://github.com/OpenOLAT/OpenOLAT
Any questions?
Feel free to contact us. Find all contact information on our contact page.