Building awareness is key

By Kathy Coe  |  Posted 2004-03-15 Print this article Print

In addition, you and your security team should always be on the lookout for employees who are not acting in a security conscious manner. If you see a computer left unlocked and unattended in an office, passwords written on sticky notes posted to a monitor, or if you find other sensitive company information left out in the open, make sure you alert your offending employees for their actions. Make sure they understand exactly how their actions may threaten the enterprise.

Building awareness is key

Even if you have security policies in place, your job is not done. The policies must be communicated and understood by everyone.

Here are some things you should be doing to promote security:

  • Distribute printed giveaways (pencils, mouse pads, etc.) and put posters and signs on your office walls promoting your security awareness message.
  • Require all new employees to go through a security orientation.
    • Give them tips on determining what information (on the computer and on paper), is confidential and how to protect it.
    • Help them appreciate the value of the information your enterprise holds.
    • Make them aware of the risks of social engineering
  • Encourage refresher security training for current employees
Consistently and constantly reinforcing everyones personal responsibility and accountability to your enterprise security can go a long way. Enterprises must make security part of every employees job, regardless of the level of access an employee has to the computer network. With everyone on securitys side, there is less room for security lapses in the areas security technology cannot protect.

Many enterprises lack the in-house resources to plan, build, test, implement and measure an effective and comprehensive employee security awareness program. Corporate security awareness programs will motivate and engage your employees by delivering security awareness messages critical to the protection of your organizations valuable data. This program gives everything you will need to implement a comprehensive awareness program within your organization.

Kathy Coe is Director of Education Services for Symantec. She has more than 20 years of experience designing, implementing, and managing customer-focused training solutions for organizations. Over the last six years her business education experience has been focused on the information security industry. Check out eWEEK.coms Security Center at for security news, views and analysis.
Be sure to add our security news feed to your RSS newsreader or My Yahoo page:  


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel