Designing and Implementing a CSCL-based Course on the Data Security of a Wireless Learning Environment

This article reports on a design-based research (DBR) process for designing and implementing a computer-supported collaborative learning (CSCL) course on the data security of wireless learning environments. The study focuses on examining how university students practice data security when learning on a wireless campus, how data security aspects appear in this study and how students perceive the role of data security in CSCL. The research subjects included six pilot students and eight students enrolled in the course. To promote the reliability of the findings, various kinds of data were used. The data was analysed following the grounded theory approach. The results suggest that data security should be considered an integral part of CSCL-based courses and that students need to be taught the basics of managing the data security of their information and communication technology (ICT) enhanced learning environment regardless of the main subject of their studies.

place in real-life naturalistic settings (Barab & Squire, 2004) such as the wireless university campus in this study.
The first stage of the DBR process involved designing a pilot course based on literature and previous research conducted in the areas of information security, human-computer interaction (HCI) and CSCL. This was done in collaboration between four teacher-researchers. The second stage of the DBR process-implementation of the pilot course-took place in October-November 2006. There were six pilot students, all of them female and aged between 20 and 26 years. They were majoring in either Media Education or Education.
The pilot course started with an introductory lecture that dealt with users' basic security actions, such as users' responsibilities of maintaining the organisation's data security, technical data security risks and protection from these risks. The second lecture concentrated on possible security issues with organising CSCL-type courses. The third lecture was an introduction to data security in wireless networks, and it concentrated on the technical hardware of wireless networks and data security. The fourth and final lecture focused on data security, law and informatics issues and user interfaces.
Between the lectures, students engaged in asynchronous network-based discussions in the Optima environment. After each lecture, students were given a discussion topic that was do wireless networks bring about in using learning environments? and (d) How are usability criteria realised in the learning environment that you are using? As their course assignment, students wrote user diaries during and after the pilot course. In the diaries, they reflected on the topics of the lectures and discussions and deliberated on the role of data security in their learning as well as in other areas of life. They also described situations in which they encountered data-security problems and described how they managed those situations. After the pilot course, the students gave anonymous feedback through a learning-management system.
In the third stage of the DBR process, two of the teacher-researchers continued the work by designing the CSCL course on the data security of wireless learning environments. This was done by refining the original pilot course design based on pilot students and teachers' experiences.

Course Description
The course designed based on the pilot course experiences was entitled Data Security of Wireless Learning Environments. It was primarily aimed at media education undergraduates and students studying information technology as a secondary subject. The students received four ECTS (European Credit Transfer System) credits for completing the course, which was graded from 1 to 5 or fail. The goal of the course was that the students learn (1) to understand the meaning of data security in CSCL and (2) skills that enable taking care of data security.
Eight Finnish students (4 female, 4 male) between the ages of 20 and 31 years enrolled in the first course implementation in October-November 2007. The students were Media Education, Sociology or Accounting majors. During the seven-week course, students attended thematic lectures, participated in network-based discussions and completed a course assignment. The course started with a lecture that introduced the aims of data security. The second lecture concentrated on data security in practice (i.e., the students were taught skills to maintain data security). This practice-based second lecture was added to the course design on the grounds of students' feedback from the pilot course. According to the pilot students, they would have appreciated more concrete how-to guidance regarding, in particular, virus-protection and firewall software. The third lecture concentrated on security issues in CSCL, and during the