11 Tips for End User Security Awareness Training

Posted by Jeffery S. Groby on Feb 20, 2018 9:44:25 AM


As a business owner, your focus is to ensure that your business systems and data are secure from threats. There are many ways to make that happen. You may find yourself asking, what is the best way? Which solution will provide the most return on your investment? Would it be a new firewall? Fresh antivirus and anti-malware apps? Actually, the answer might surprise you. The best return on your invested dollars is to help educate your end users. One ignorant end user can bring down your entire infrastructure no matter what you might have invested.

Current statistics indicate that up to 65% of breaches are caused by poorly educated end users. Teach your employees to be critical consumers in this online data-driven and high-tech world we operate in. A smart end user that engages critical thinking skills when dealing with technology and the online world is the best asset you can have in your security arsenal. What are some things you can do to educate your users and make them warriors in this high-tech battle? Look no further.

A downloadable version of the list has been made available for you. Click below to access our checklist, End User Education in the Workplace. Use this checklist as a handy tool to start-up the conversation about the different ways your business can educate your employees. 

End User Education in the Workplace Checklist

End User Security Education Tips in the Workplace

  • Train them during on-boarding – HR should present some brief courses during on-boarding that outlines the proper and ethical use of technology assets.
  • Continued education for proper and ethical use of technology assets. HR should have users certify annually on these topics.
  • Provide them with tools that will help them make good decisions – including up- to-date web browsers, office applications, the latest operating systems, and patches.
  • Teach them how to think critically about the online world. This one is a little harder, but the most important thing to note is: just because it’s online doesn’t mean it’s true.
  • Create and implement security-related policies and procedures. Enforce them.
  • Provide the latest and greatest anti-virus and anti-malware programs on their machines to assist in the battle. The latest round of anti-virus and anti-malware software is very good at identifying threats and isolating them before they become a problem.
  • Conduct penetration testing and other types of security-related checks on a quarterly basis if possible.
  • Publish a security-related bulletin that you send to your users. Put articles that are pertinent to current threats and also include articles that outline recent breaches, what caused them and how it could have been avoided.
  • Appoint a security czar that can help answer questions and stay abreast of trends in the high-tech security world. Encourage users to open up and engage in discussions about security.
  • Develop policies and procedures around mobile devices and their use in the office. Make sure you segregate the general WiFi network they can use for their personal devices away from the connection used for business purposes. If they need to be on the main network, look into owning the devices and pushing a security policy to them.
  • Shore up critical business systems like Multifunction Printers. Misconfigured or “out of the box” devices can cause a lot of problems. Work with your vendors and manufacturers to ensure that these devices are buttoned up as much as possible to avoid exploits.

Evolving Cyber Security Issues

Keeping up with emerging and evolving security trends is a full-time job. Business owners need to do their best to make sure they are protected. Having smart, tech-savvy and critical end users is one of the best ways owners and management can make sure their data, assets, and infrastructure are protected on a daily basis.

SumnerOne wants to help. Our End User Education in the Workplace Checklist can be beneficial for your end users and your business overall. Be sure to download the checklist, and distribute across your business for a better understanding of end user education. For more information about how SumnerOne can help your business, contact us. If you haven't already, check out our Tech Talk segment on The Big 550 KTRS to learn more about technology and security in the workplace and at home. 

In Case You Missed It: Tech Talk Updates

 Originally published February 20, 2018, updated September 17, 2018

Topics: Security, Small Business, Technology