Professional Documents
Culture Documents
Awareness Training: IT Best Practices For Community Colleges Part 4
Awareness Training: IT Best Practices For Community Colleges Part 4
Awareness Training
Donald Hester
April 20, 2010
11
Needs Assessment
12
Needs Assessment
13
Establish Priorities
Availability of Material/Resources
• In house or outsourced
Role and Organizational Impact
• How ill this help people do their job
• How will this help us reach our overall goals
State of Current Compliance
• How informed are staff and students about
security and privacy practices
Critical Project Dependencies
14
• Funding
Materials
16
Possible Topics
17
Campaign
19
Awards
Initial User Training
20
Reminders
http://blogs.technet.com/askds/archive/2008/02/08/deploying-legal-notices-to-domain-computers-using-group-policy.aspx
22
Buy Posters
23
Short and to the point
24
NIST Posters
25
26
Maintenance of the Program
Continuous
improvement
should always be
the theme for
security awareness
and training
initiatives, as this is
one area where
“you can never do
enough.”
27
Input for Updates
28
Maintain the Program
29
Goal of Training
32
KPI (Key Performance Indicators)
Consider Partnerships
• Other community colleges have the same needs – work together
Books
• Managing an Information Security and Privacy Awareness and
Training Program ISBN 978-1439815458
Standards and Guidance
• NIST SP 800-50 Building an IT Security Awareness and Training
Program
Posters
• Monthly subscriptions
http://www.securityawareness.com/postersub.htm
• New York
http://www.cscic.state.ny.us/cscorner/events/2008/index.cfm
Social Media Example
• http://www.facebook.com/group.php?gid=245570977486
34
Q&A
Donald E. Hester
CISSP, CISA, CAP, MCT, MCITP, MCTS, MCSE Security, Security+
Maze & Associates
@One / San Diego City College
www.LearnSecurity.org
http://www.linkedin.com/in/donaldehester
http://www.facebook.com/group.php?gid=245570977486
Evaluation Survey Link
http://www.surveymonkey.com/s/10SpIT4
IT Best Practices for Community Colleges Part 4:
Awareness Training
Thanks for attending
For upcoming events and links to recently archived
seminars, check the @ONE Web site at:
http://onefortraining.org/