11 Tips for End User Security Awareness Training

As a business owner, your focus is to ensure that your business systems and data are secure from threats. There are many ways to make that level of information security happen. You may find yourself asking, what is the best way? Which solution will provide the most return on your investment? Would it be a new firewall? Fresh antivirus and anti-malware apps to protect against cyber attacks? Actually, the answer might surprise you. The best return on your invested dollars is to help educate your end users. One ignorant end user can bring down your entire infrastructure no matter what you might have invested.

A downloadable version of the list has been made available for you. Fill out the form below to access our checklist, End User Education in the Workplace. Use this as a handy tool to start-up the conversation about the different ways your business can educate your employees.

Current statistics indicate that up to 34% of breaches are caused by internal human error. Teach your employees to be critical consumers in this online data-driven and high-tech world we operate in. A smart end user that engages critical thinking skills when dealing with technology and the online world is the best asset you can have in your security arsenal. What are some things you can do to educate your users and make them warriors in this high-tech battle? Look no further.

End User Security Training Tips in the Workplace

• Train them during on-boarding – HR should present some brief courses during on-boarding that outlines the proper and ethical use of technology assets. Use a standardized end user training document template to ensure the consistency of each onboarding.
• Continued education for proper and ethical use of technology assets. HR should have users certify through a security awareness program annually on these topics.
• Provide them with tools that will help them make good decisions – including up- to-date web browsers, office applications, training modules, the latest operating systems, and patches.
• Teach them how to think critically about the online world. This one is a little harder, but the most important thing to note is: just because it’s online doesn’t mean it’s true.
• Create and implement security-related policies and procedures. Enforce them through methods of creative social engineering.
• Provide the latest and greatest anti-virus and anti-malware programs on their machines to assist in the battle. The latest round of anti-virus and anti-malware software is very good at identifying threats and isolating them before they become a problem.
• Conduct penetration testing and other types of security-related checks on a quarterly basis if possible.
• Publish a security-related bulletin that you send to your users. Put articles that are pertinent to current threats and also include articles that outline recent breaches, what caused them and how it could have been avoided.
• Appoint a security czar that can help answer questions and stay abreast of trends in the high-tech security world. Encourage users to open up and engage in discussions about security.
• Develop policies and procedures around mobile devices and their use in the office. Make sure you segregate the general WiFi network they can use for their personal devices away from the connection used for business purposes. If they need to be on the main network, look into owning the devices and pushing a security policy to them.
• Shore up critical business systems like Multifunction Printers (MFPs). Misconfigured or “out of the box” devices can cause a lot of problems. Work with your vendors and manufacturers to ensure that these devices are buttoned up as much as possible to avoid exploits.

Evolving Cyber Security Issues

Keeping up with emerging and evolving security trends is a full-time job. Business owners need to do their best to make sure they are protected against phishing attacks, scams, and other forms of security breaches. Having smart, tech-savvy and critical end users is one of the best ways owners and management can make sure their data, assets, and infrastructure are protected on a daily basis.

SumnerOne wants to help. Our End User Education in the Workplace Checklist can be beneficial for your end users and your business overall. Be sure to download the checklist, and distribute across your business for a better understanding of end user training. For more information about how SumnerOne can help your business, contact us.