General discussion

Locked

Increase user awareness to bolster security

By debate ·
What steps has your organization taken to bolster end users' awareness about security risks? Have these measures been effective? Share your comments about promoting security awareness to end users, as discussed in the Aug. 2 Internet Security Focus e-newsletter.

If you haven't subscribed to our free Internet Security Focus e-newsletter, sign up today! Click this link to subscribe automatically:
http://nl.com.com/MiniFormHandler?brand=techrepublic&list_id=e044

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Awareness of Antivirus and Security Issues

by michael_stannes In reply to Increase user awareness t ...

Dear All,
On the antivirus front, I alert users to virus risks on viruses with level 3/medium or more (Symantec/McAfee etc), with a 'non-tech-speak' description of the virus, it's effects, and, if email based, a summary of the likely emails containing the virus. Although we have automatic daily updates (hourly on servers) on client workstations, users are instructed to run the update program as soon as possible to ensure current definitions. Many users have thanked me for alerting them to new virus threats when they have noticed the same behaviour, or have received the same emails, at home.
However, although user awareness is part of it, if a virus infected email reached a user's desktop it would mean that our gateway and server scanning and security was insufficient. It's a two pronged approach.
I am frequently asked about how to secure a users home PC, and I have come across many people who have moved over to DSL without a firewall or even antivirus protection, and then wondered why their machine has been compromised or more often 'doing strange things'!. However, spending time describing the risks and how to sort out their home system has the payback of a user being more aware at work of these issues.
Michael

Collapse -

Provide patches and tools to users for their home machines

by ultra_blue In reply to Increase user awareness t ...

Hello:

At my company, I was able to convince management to allow me to create CDs with patches, service packs and spyware items for home machines. I've also put the spyware and privacy items in a folder on our file server so that anyone can burn their own CD if they like. Patches and service packs are usually done per request.
We draw the line at support, and have a disclaimer that says that the tools that we're providing are installed at the sole risk of the user. However, I've had a number of emails and phone calls thanking us for making these items available; many users are shocked to learn how much crud there is on their machines and how far behind they are as far as patches go.
My argument to management was simple: home machines are part of the problem -- let's do what we can to be good netizens and provide tools to our users, as a perk. I've found that the huge size of many patches and service packs is a problem for many users; we alleviate that problem and providing permanent media means that the disks get passed around.

Blue

Collapse -

Users Awareness

by mwojcik In reply to Increase user awareness t ...

I have begun sending virus/worm information to users and ask that they take the information home to share with other family members. It is not enough to protect our computers/servers here at the District, if users at home are not protected. I personally inspect any user who wants to use a VPN to log on from their home computer. It still amazes me when I come across a computer that has a virus protection program on it, but has not been getting any of the updates, or has not paid for the new year?s subscription service. Keeping our users up-to-date on scams, "phishing", and password security has helped tremendously.

Collapse -

Raising Users' Awareness

by cfalsetta In reply to Users Awareness

I have just been charged with the task of increasing our users' security awareness... a project long overdue. I am curious as to what other IT Security folks have found to be an effective means of communication. We post alerts regarding the latest and greatest in scams and viruses on our website... but that doesn't reach the masses. We are a huge, global organization and I fully understand the requirement to incorporate several methods. I am looking for creative suggestions... something to pique the curiosity of the otherwise disinterested, at the same time encouraging their participation to be part of the solution as opposed to being part of the overall problem. Ideas anyone?

Collapse -

Email

by ultra_blue In reply to Raising Users' Awareness

Hello:

We're a small company, so I just emails out to everybody when something new comes up.

Blue

Collapse -

User Awareness methods?

by eriksblues In reply to Raising Users' Awareness

I repair computers as a sideline. Most problems I have discovered have deen the direct result of either viruses or spyware/malware. The average home user turns it on, do what they do, and turns it off...trusting to Norton or whatever other AV software they have installed, including AOL, Google, Yahoo, etc. Updates and patches appear to be a mystery to many home users...the where and how of it baffling. It only becomes a reality when their machine won't boot or their home page is hijacked or the sasser worm won't let them download a fix. Just like water polution...not a reality until muddy water comes out of the kitchen sink. I think the cd's with fixes on them is great...perhaps AOL could mass mail them as they do their "Get AOL Free" cd's. Companies such as AOL need to be approached to include such patches and fixes on their cds, which they constantly bombard households with.

Back to Security Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums