Raising end-user security awareness

Every week we hear stories about data breaches in companies and government agencies. The Identity Theft Resource Center reports that the number of data breaches in 2008 increased 47% compared with 2007. The organization also reported that 35.2% of breaches were the result of human error. Not only are data breaches costly, but they can result in losing customers.

The declaration from the RSA security conference that security companies must work together to battle cybercriminals is very important, but the best way to create security at your work place now is to encourage your end users to "think security."

Training and awareness programs

Once a year or at new employee orientation is not frequent enough to get people into the "cybersecurity" frame of mind. You can’t expect a busy employee to become a security expert. However, you can teach them how to recognize when something looks suspicious and whom to call when a security-related issue arises.

Microsoft offers a free Security Awareness program that you can customize to meet the needs of your organization. The tool kit includes

  • Brochure Templates
  • E-Mail Invite Template
  • Fact Sheet Templates
  • FAQs
  • Newsletter Template
  • Poster Templates
  • PowerPoint Templates
  • Quick Reference Card

I made a WOT poster (PDF) based on the template from this program that you can see and use yourself.

Maybe you use the MS program or another one – please share it with us if it’s a good one (especially if it’s free!)

Let us know what your company does to train employees in security awareness. Is it effective? Or if you have your own company, what steps have you taken to encourage your employees to help keep data and hardware secure?

Share on facebook
Share on twitter
Share on linkedin

Leave a Reply

Your email address will not be published. Required fields are marked *