Your users are your weakest security link. With the help of many readers, I put together a short set of notes on essential security practices. This class is aimed at computer novices but does include a few complex pieces. It covers password security, multi-factor authentication, spam/phishing, and web security. It can be taught in 35-50 minutes.
I taught this class 51 times over an eight week period to more than 800 people. A few benefits that I have noticed so far:
- We have had multiple phishing attempts – not a single employee has clicked a single link in those emails.
- Staff are locking their computers regularly when they are away from their computer.
- Zero complaints on our password and security policies. It really does help when staff understand why something is being done.
- Fewer emails from staff asking me if a certain message is spam or legitimate.
If you do teach your own security class, let me know – I would love to know how it went!