Security Training/Awareness
I am embarking on a long tough project, part of which has to do with providing security training and awareness to a audience of 1500 people. I am wondering what others are doing to help get across some security messages - such as the computer security department won't ask you for your password and userid to check on something.
Thanks.
Software/Hardware used:
Software/Hardware used:
ASKED:
May 25, 2004 3:29 PM
UPDATED:
June 2, 2004 10:53 AM
Answer Wiki:
To give an answer, i would have to know more about your security policy, industry, and current enforcement in your company. These are the three key factors in selling security in the organization--you have to sell to the perceived needs of your audience.
To see all answers submitted to the Answer Wiki: View Answer History.
Hell, who did you annoy? Just as an idea, one of the clients I worked for went through the following process for information security awareness:
They put together an audio-visual presentation (video would also have worked well) and scheduled screenings. It was obligatory for all staff to attend one, so a register was kept, and a short monkey-puzzle test was given at the close of the session. This was marked, and failures notified to their management. This was followed by a weekly e-mailed presentation about a specific topic – Choosing an appropriate password, Avoiding virus’s by not loading stuff from Internet/external media, Reasons for screensaver security, etc – very short, one page, lots of moving picture, slide-ins, etc. What I couldn’t tell you is how effective this all was. Have fun!