Education Is Imperative
End user security awareness education begins with new employees at their intake education. Providing them with a comprehensive overview of the company’s policies and procedures regarding technology is imperative. Topics covered should include the importance of solid passwords and of changing them periodically, the restrictions placed upon the use of the company’s e-mail service, the importance of data privacy and how that is achieved within the company, and the appropriate use of the company’s website and social media accounts. Providing this education at their intake relieves new employees of the stress of uncertainty and protects the company from any unintended mistakes by new employees as they acclimate themselves to a new technology environment.
End user security awareness education continues throughout every employee’s time with a company. Technology makes providing ongoing education simple and, for the most part, are low-intrusive. Brief reminders, which pop up at login, weekly e-mails, and short online education, for example, keep employees aware of their responsibilities, while providing them with information they need to work safely. Most people have neither the time nor the inclination to keep abreast of new or ongoing threats, for example. Low-invasive education, though, provides them this information in ways, which make it relevant to them and enables them to apply the information immediately.
Client Confidence
It is obvious, that such education protects both the company and its employees. That it protects the company’s clients should not be overlooked. Breach clients’ confidential information and the company will have no clients. Without clients, the company is out of business and the employees are out of a job. The addition of the possibility of lawsuits and criminal charges make such breaches, even if inadvertent, wholly untenable for most businesses. Comprehensive, ongoing, and effective end user education is imperative.
Technology, computers, social media, and streaming services, among other examples, provide companies and their employees almost limitless ways to work together, set and achieve goals, to buy and sell, and to touch lives across town or across the ocean from anywhere in the world. Such flexibility and productivity is truly breathtaking. Yet, as wonderfully productive as all of it is, technology can be incredibly fragile and vulnerable. Companies, therefore, have the responsibility to secure their systems and to educate their employees about the responsibilities they share in system security. Failing to do so can result in unintended, but catastrophic, failures of their clients’ trust, fortunes, and even lives.