There are many excellent sites that offer generic best practice info security ideas for the work environment. Employers need to be conscious of 2 significant dangers of asking workers to rely on them for their Awareness Training.
The first threat is ensuring that your staff members go to among the great sites, instead of fall nasty of among the ‘lower’ sources. Easy enough to resolve – send your personnel an e-mail of the details security sites that you authorize of. Job done!
The second threat isn’t so easy to attend to. Your organisation is unique, with its own particular procedures, treatments and details types. It may even draw unique cyber dangers that other markets and organisations do not have to compete with. Any best practice that your staff members draw from generic security sites is not likely to be totally relevant to these unique elements of your organisation.
Generic sites can talk about the risks of phishing, however they can’t talk about the particular risks of spear phishing attacks that are unique to your market or organisation. Generic sites can discuss how ‘delicate details’ must be secured when copied onto storage media or carried on laptop computers, however they can’t specify what ‘delicate details’ implies in the context of your organisation. If you are more curious about security awareness then you can learn more about it on cfisa.
Advantages of the particular source
Many organisations are resolving this second threat by bringing the source of security best practice in-house. This makes sure that staff members have quick access to a detailed website that covers the breadth of needed info security awareness. This is attained by way of an unique details security micro-site held within their existing intranet structure.
This provides the instant advantage of enabling you to customize all info security best practice to your organisation, making it suitable for function for the work your workers do and the manner in which they do it. The kinds of details can be gone over within the context of the organisation’s own info category system. All managing treatments can refer particularly to organisation procedures. The unique threats of the market or organisation can also be dealt with, with appropriate reality case studies supplying extra weight.