I'm a professor at a university and I have a concern about the security of RStudio (e.g., server, desktop, etc.) and also R. I'm exposing my students to data science via RStudio, many of whom then take R/Rstudio into the workplace.
An instance occurred recently where one student was interrogated by their CEO regarding the use of R for data analytics, and I'd like to have someone's perspective on how to respond.
In this instance, the CEO was particularly concerned that because R is an "open source" tool, they cannot verify that (for instance) some Russian hacker created a package that could (unbeknownst to them) be capable of downloading all of an organization's data and shipping it to Moscow (hypothetically). The CEO, in essence, didn't trust the open-source nature of R and RStudio.
As an institution, we were then approached and asked to teach our students tools that were certified in some manner (e.g., I was asked to consider Excel; a colleague recommended STATA). I don't think this is necessary and I suspect that this isn't really an issue, but I was not quite sure how to respond.
Does anyone have any guidance?
Thanks in advance,