User Account

All Pages

Define the importance of user technology security education

Assignment Help Other Subject
Reference no: EM132234105

Question: Go through the below discussion and comment in 150 words

Importance of user technology security education with in organizations

In this present-day to day world of information technology, having a strong background in security education and awareness is very important, in fact, it may make the huge difference between an effective, productive individual and one who is the opponent.

This simple and overly stated fact possibly will sound like a buzzword, but a quick look at incident records, such as the famous Target case, or the more recent WannaCry massive attack, will show that even with the best technology in place, if the human is not taken good care of, the levels of exposition to threats, and subsequent impact, is way higher than what most would call acceptable.

Advantages Include:

1. Encompassing your information security efforts: In order to be effective, information security must be a corporate wide effort embraced over all hierarchical levels. Changing your corporate culture to adhere to the new security focus will be a much simpler task if people can understand and relate to the new controls and expected behaviour. For instance, while it may be frustrating to try changing your password and receiving a message stating it does not comply with complexity requirements, your users might be convinced by understanding that using ‘123456' or ‘a2bc3d as a password is a security risk due to brute force or password guessing attacks.

2. Less time to detect security incidents: Having security-aware users does not always mean less incidents, but, since they will know what constitutes a security incident and how to report it, detection times will surely be significantly lower, meaning that a significant number of incidents might be prevented, and even the ones that occur will have a better response, and, consequently, a reduced impact.

3. Persist in compliance efforts: If your company falls under legislation such as Sarbanes-Oxley 404 or is interested in achieving a security standard like ISO 27001, an awareness program is essential. Your focus should be ensuring that users are aware of security policies, norms, risk, threats and expected behaviour, but awareness training will also provide extensive evidence of compliance efforts and the commitment of the upper management to information security.

Regularly training and implementing a regular security awareness training program is crucial to ensure that you're doing your part to inspire and educate your employees to greater levels of security and awareness. The first step in a successful training program is having a culture of security at your organization, including buy-in from upper management. If the employees see management's focus on creating a secure work environment, that attitude will spread.

Here are five things to think about when training your employees to practice security in the workforce:

1. Physical Security - Are you required to wear badges while on the property? Are there appropriate identification and sign-in procedures at the front desk to monitor individuals who are coming in and out of the facility? Are these processes being followed every time?

2. Password Security - Passwords should be at least 8 characters long and use a variety of upper and lowercase letters, numbers, and special characters. Default passwords should never be used, and passwords should never be shared.

3. Phishing - Train your staff to be wary phishers and to know what to look for. Make sure they know not to open attachments in emails if they do not know the source. Encourage them to not send confidential information in response to an email claiming that "urgent action is required". Test your employees, train your employees, and make sure you've created an environment where if in doubt, someone will ask before engaging in an email that may look suspicious.

4. Social Engineering - Social engineering threats are threats based on human vulnerabilities. It's a way attacker manipulate people into giving away confidential information, password/ID combinations, or to gain unauthorized access to a facility. Train your employees to operate with a healthy amount of scepticism, and to never give out sensitive information without fully identifying the other person.

5. Malware - Malware, much like phishing, can enter your environment through non-malicious looking threats such as employees opening emails from unknown sources, using a USB drive that is infected, or going to websites that may be unsafe. Be sure employees are trained to be aware of these kinds of attacks, and practice identifying malware threats.

Reference no: EM132234105

Questions Cloud

What is the difference between an swbs and cwbs : What is the purpose of the SEMP? When in the life cycle should it be developed? How does it relate to each of the following: the PMP.
Communication is skill that develops over time : Communication is a skill that develops over time. Where do you envision your professional communication skills at the end of this course?
Good topic for survey in management field : What would be a good topic for a survey in management field?
An important duty of member is to pay the money : An important duty of a member is to pay the money they are liable to pay by virtue of their membership
Define the importance of user technology security education : In this present-day to day world of information technology, having a strong background in security education and awareness is very important.
School board is trying to evaluate new math program : The school board is trying to evaluate a new math program introduced to second-graders in five elementary schools across the county this year.
Can an executive be forced to function as a sponsor : Some executives prefer to micromanage projects whereas other executives are fearful of making a decision because, if they were to make the wrong decision.
Porter five forces is easy framework to understand : Porter's Five Forces is an easy framework to understand and offers a quick way to analyze a market.
Discuss all aspects of access control systems : What are the factors that influence the selection of access control software and/ or hardware? Discuss all aspects of access control systems.

Reviews

Write a Review

Other Subject Questions & Answers

  Cross-cultural opportunities and conflicts in canada

Short Paper on Cross-cultural Opportunities and Conflicts in Canada.

  Sociology theory questions

Sociology are very fundamental in nature. Role strain and role constraint speak about the duties and responsibilities of the roles of people in society or in a group. A short theory about Darwin and Moths is also answered.

  A book review on unfaithful angels

This review will help the reader understand the social work profession through different concepts giving the glimpse of why the social work profession might have drifted away from its original purpose of serving the poor.

  Disorder paper: schizophrenia

Schizophrenia does not really have just one single cause. It is a possibility that this disorder could be inherited but not all doctors are sure.

  Individual assignment: two models handout and rubric

Individual Assignment : Two Models Handout and Rubric,    This paper will allow you to understand and evaluate two vastly different organizational models and to effectively communicate their differences.

  Developing strategic intent for toyota

The following report includes the description about the organization, its strategies, industry analysis in which it operates and its position in the industry.

  Gasoline powered passenger vehicles

In this study, we examine how gasoline price volatility and income of the consumers impacts consumer's demand for gasoline.

  An aspect of poverty in canada

Economics thesis undergrad 4th year paper to write. it should be about 22 pages in length, literature review, economic analysis and then data or cost benefit analysis.

  Ngn customer satisfaction qos indicator for 3g services

The paper aims to highlight the global trends in countries and regions where 3G has already been introduced and propose an implementation plan to the telecom operators of developing countries.

  Prepare a power point presentation

Prepare the power point presentation for the case: Santa Fe Independent School District

  Information literacy is important in this environment

Information literacy is critically important in this contemporary environment

  Associative property of multiplication

Write a definition for associative property of multiplication.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd