Problem

Many employees are not security inclined and are not aware of what a true risk is to the organization. With the rapid change in the security landscape, almost on a daily basis, no employee can keep up without help. Employees are frequently a weakness in the information security program of large and small organizations. All employees must help the organization to protect the security of information, know when there is a potential problem with how they operate and be cognizant that they are part of the overall solution. A company has a responsibility to make sure that each employee is aware of the many threats that can endanger the confidentiality, integrity and availability of information assets and provide a solid foundation for the employee to assist in shoring up the organization's most critical information.

Solution

Security begins with your employees. We can develop an Awareness training methodology for employees of all levels, users, developers, management and executives to meet regulatory requirements or to match your corporate security policies. We customize a security awareness training program for your operating environment with both on-site and online training. Awareness training should be an ongoing process that is relevant practical and targets management and staff. .We can provide training tailored to your environment around the enterprise applications, user education and security practices. Our education services can be targeted to employees in 1 hour sessions or all day sessions geared towards your technical staff or users. Classes will be in a lecture format with hard and soft copy material in class or via webinar. Key aspects include:

· Development of awareness training programs for all employees

· Provide easy to understand written training material that can be distributed to employees

· Provide “Top Ten” security tips sheet that can be used be distributed by HR

· Provide sessions that can be done via conference call/in house

· Provide 1 update at the end of 12 months to training material

· All key awareness concepts to be covered but not limited to:

o Detecting and Avoiding Social Engineering

o Recognizing Competitive Intelligence Probes

o Choosing Good Password

o Protecting Sensitive Information

o Basic PC Security

o Information Classification

o Data backupo Email & IM Safeguards

o Recognizing and Dealing With Viruses

o Reporting Suspected Security Violations

o Reporting Security Vulnerabilities

o Working From Home or Traveling

o Physical Security

o Phishing and Identity Theft

o Spyware and Ad-Ware

o Safe Web Surfing

o Data leakage

o Regulatory Compliance

o Social network risks

o Software and copyright lawso Privacy concerns

o Encrypting data and data destruction

We will deliver monthly “Hot Security Topics” that are easily understood by employees and can be disseminated to the entire company to keep security at the top of their minds.

How the Process Works

We will first get a basic understanding of your needs through an interview process. We will help you select the key areas where your employees need training and develop a list of classes and schedule and format of the material. You can choose onsite or online sessions and distribute the material to all employees. We know security training is not a onetime event.

We will provide monthly information alerts you can send to your employees to keep security at the forefront of corporate policy. All employees will have the opportunity to take the class and have access to the material to keep them educated about security risks. Educated employees will reduce the threats being introduced into the company and some regulatory requirements requiring user training will be met. Security awareness training is the first step in changing the security culture of the organization.