There’s little doubt that cyber threats have multiplied dramatically and hackers have become increasingly sophisticated. Organizations are under attack from all directions as cyber crime has become big business. As first line of defense against the bad guys, you as an employee must take personal responsibility to safeguard CommerceIQ and its information assets.
This training highlights importance of Information Security.
After completing this training you will be able to understand
- Concept of Information Security
- Goal of Information Security
- Company policies and good practices
- Security threats
- Dos and Don’ts
Total Duration: 45 Minutes
What is Information Security
Information security is the state of being protected against the unauthorized use of information, especially electronic data, or the measures taken to achieve this.
It is a process that moves through phases; building and strengthening itself along the way. Information Security is about securing information from unauthorized access. In addition, it is also the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. Information can be stored on any format – physical or electronic.
Importance of security awareness
Employee awareness is a critical element of security. Employees need to understand the value of protecting customer and colleague information and their role in keeping it safe. Employees also need a basic grounding in other risks and how to make good judgments online.
“The best security technology in the world can’t help an organization unless employees understand their roles and responsibilities in safeguarding sensitive data and protecting company resources”
Threats – Desktop Security
You are effectively leaving your front door unlocked when you leave your computer unattended without securing your desktop
The primary security consideration when talking about desktop security has to be users. As a user on a network, you have unparalleled access to your organizations resources, and this access can create vulnerability in security if you, our employee is not careful.
While most users don’t intentionally cause damage to their network, there are unintended consequences when users find themselves ignoring best practice and opening emails and attachments from unverified sources.
Company Policies – System Access
System access refers to the collective procedures by which authorized users access a computer system and unauthorized users are kept from doing so. To make this distinction a little more realistic, however, understand that user access security limits even authorized users to those parts of the system that they are explicitly permitted to use (which, in turn, is based on their “need-to-know”). After all, there is no reason for someone in Staff Payroll to be given clearance to confidential student records.
Let’s go through the following incident.
If you have been given access to a particular system, please remember it is for you and no sharing of UserID and password is allowed. You are responsible for safeguarding your user account and password.
In later sections, secure password tips will be provided.