IT Security Basics: Awareness Program
An approach to IT security training, used for many businesses, from sole traders to large multi-nationals and much in between, that has shown to be very successful. As a business owner, you have probably heard that your staff are the weakest link when it comes to security. In my opinion this is not true, your staff, if trained well, can be the most effective security you can have.
The key to success is how they are trained.
The Key to Successful Training:
The success of any business training program is to make it interesting to the attendees in a way that what they have learned can be applied to their personal life in some way.
Let’s be realistic – people are more focused on their friends and family than their day jobs.
So, if the training program gives value that can be applied to their personal life, including friends and family, then the training material will be remembered and applied far more successfully in their work environment.
For example, if your business IT security training program provides tips on how they can secure their home baby-cam through changing password defaults, then that will stick far more readily in their minds than telling them they need to change the password on business system default accounts.
The benefit to your business is that focusing on adding value to their personal life will provide a higher level of success that the staff member will apply the knowledge to their work environment.
Hopefully you can see the benefit of this approach instead of providing an IT security training program every 12 months where they must sit through a slide pack of boring statements about complying with the rules or face disciplinary action.
Most attacks require the target user, such as your staff member, to perform an action in order to kick-off the attack such as clicking a link or attachment within an email, downloading software or divulging their password.