What should your employees be aware of during Information Security Training?
The employees of an organization are its greatest strength an also sometimes its greatest vulnerability. To ensure that there is no compromise of data and sensitive information from their end, Information Security Training is conducted.
Here is what you can expect your employees to be made aware of during the course of the training by certified trainers:
- Proper Authentication: The employees are trained and advised to use complex passwords that are relatively harder to break, such as those that are alphanumeric as well as having special characters. Best practices involve using software called password manager. With this, your employees would need to remember only one strong password, and the password manager will take care of remembering all the other ones. The best part is that this software can be utilized by all the employees at the same time. For emails and sharing of files, two-factor authentication is taught because of the high level of security offered.
- The Network Connection: Wireless connections are inherently unsafe. And employees are also made aware of the fact that using Bluetooth services in office is a bad idea. Many hackers set up public Wi-Fi networks in public places and claim to be legitimate service providers, thus gaining access to the internet traffic of other, unsuspecting users. Employees are taught to be aware of this. The nuances of VPN service, the hardest to crack, are taught too.
- Device Access: Employees are taught to never allow access of their device to anybody else. I some cases their family members will be using their computer to do other online work, but this should be done from a separate account only. And it is best if the separate account does not have administrator privileges. It is safer this way.
- Data Encryption: A laptop of tablet may be stolen, but if the data on it is encrypted, it cannot be exploited. Encryption only needs to be enabled on computer admin settings.
- Backup: If important data is lost and all attempts at retrieval are unsuccessful, a backup is the last resort. During Information Security Training, employees are taught to take backup of their computer data at regular intervals.
- Security Hygiene: This bit involves things like anti-virus software installation, enabling of firewalls, checking links in emails, and also safe surfing of the Internet.
Netrika Consulting provides Information Security Training for employees at all levels of the organization. They have customized content specific to area of work, and web based modules for training accompanied by case studies and quizzes help get the message and training across effectively.