Dr. Tom Shinder’s Blog RSS

All Blogs  »  Dr. Tom Shinder's Blog  »  Microsoft Security Space  »  Blog article: Help Employees Develop Better Security Habits

Help Employees Develop Better Security Habits

The topic of end-user security training is always a fun one to bring up because of the wide array of opinions on its relative value. On one end you have the security admins who believe that not only does end-user training not help, it provides the end-users with knowledge and tools that can make the security situation worse on the network. On the end of the scale are those security admins who believe that the only way to really secure the network on the host level is to teach the users good security habits. Most of us lie between these two extremes.

While end user training will never be a panacea, a certain level of training and awareness of security issues on the end user’s part can make a big difference in terms of managing the number of worms, Trojans and viruses on your network. Users can be trained to not click on email attachments from unknown senders, be trained in how to examine URLs in links so that they can determine if there might be something amiss with the link, and how to check email headers in suspicious messages. True, not every end user is going to be interested and not all will take your advice, but if there are enough end users who are interested in good computer security practices, there is the potential for them to create a critical mass and group dynamics will then come into play to bring the stragglers up to speed.

The problem is that IT admins are computer admins, not trainers or teachers. If they wanted to be trainers or teachers, they would have gone into the training or teaching industries. There is also the time involved, as you need to develop training materials and prepare presentations. The truth is that you really don’t need to do all that much work. Just 15 minutes a week preparing an email or flyer or poster can go a long way at teaching your employees better network security practices.

If you’re interested in employee training and wondering how to get started, check out this article http://www.microsoft.com/midsizebusiness/network-s...t.mspx  The author brings up a number of using ideas that you can put into practice immediately.

HTH,

Tom

Thomas W Shinder, M.D.
Site: http://www.isaserver.org/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: tshinder@isaserver.org
MVP — Microsoft Firewalls (ISA)

This entry was posted on Sunday, March 9th, 2008 at 12:30 pm and is filed under Microsoft Security Space. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 6 chars within 0..9 and A..F, and submit the form.

  

If CAPTCHA image is missing or you cannot read the characters above, please generate a


Receive all the latest articles by email!

Receive Real-Time & Monthly WindowSecurity.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowSecurity.com member!

Discuss your security issues with thousands of other network security experts. Click here to join!

Community Area

Log in | Register

Solution Center