Every Employee Should Have Basic Computer Security Training

Human error makes it even easier for hackers to breach corporate systems.

Posted by Lindsay Khan in Corporate Security on August 10th, 2011

Even the most basic computer security training can make a difference when it comes to protecting your company from hackers. When news broke last week regarding “Operation Shady RAT”, it proved once again that everyone is at risk for cyber attacks. As hackers continue to develop more sophisticated methods to break into systems,  human error makes  it even easier.

Computer Security Training

If employees don’t know the basics of computer security, they can put a system that isn’t adequately protected, and even one that is, at great risk.  An article by Teresa Smith in the Ottawa Citizen, “Cyber spies using employee ignorance to infiltrate government, firms: experts,” reports on the damage caused by a lack in basic computer security know-how:

One of the biggest flaws in security networks, as exposed with revelations this week about a global wave of online espionage, is human error, they say, spurred by a lack of basic computer training for executives and high-ranking officials. As online scams and targeted espionage become more sophisticated, government and companies need to teach their employees how to protect themselves, said Ken Chase, owner of a Guelph, Ont.-based computer-security company. “Basic computer security knowledge is fairly lacking, so people can be taken advantage of fairly easily,” said Chase.

FREE Investigation Report Template

Prepare thorough, consistent investigation reports with our free report template.

Download Template
Some of the areas you’ll want to address when training your employees on basic computer security practices include:

  • Email security- password protection, encryption, double checking intended recipients, making sure the correct attachment is being sent, not opening spammy looking or questionable emails, etc.
  • Passwords- how to make a strong password, when passwords need to be changed and why you should never leave it on a sticky note on your desk, computer, notebook, etc.
  • Anti-virus scans- why they are important and when they are done.
  • Handling company information- how to keep private documents secure and how to properly dispose of documents when they are no longer needed.
  • Consequences for failing to take security matters seriously and violating company policies.

Training programs need to be updated to reflect new security risks. Shorter, more frequent, training sessions allow you to keep security top of mind for employees and make it easier for them to digest information.

Canadian Federal Government

The CBC News article, “Federal agency to trim IT costs,” by Laura Payton reports on a new plan from the Canadian federal government to boost information security by streamlining and consolidating government networks:

Government departments currently run their own information technology programs, meaning there are 100 different email systems across the public service, 300 data centres and 3,000 overlapping and unco-ordinated networks…Combining the networks will make the government’s system more secure, they said. The streamlining and consolidation mean fewer portals to defend and will make it easier to detect if someone gets into the system, a senior government official said in a briefing following the announcement.

The Canadian government hopes that these measures will increase security and ensure that sensitive information remains private. Hopefully this plan is accompanied by employee training!


lindsayisight
lindsayisight

Marketing Coordinator

Lindsay Khan is the marketing manager for i-Sight Software. With an Honours Bachelor of Commerce degree in marketing from the University of Ottawa, she brings business acumen to the subjects she covers for the company blog and website. Lindsay compiles monthly newsletters, writes and promotes downloadable guides and press releases, promotes webinars and manages our online communities.

Visit Website