IT managers know that the biggest danger to a system’s security comes from inside, from end-users. One of the most prevalent problems with security is that most users are completely unaware of the risks of insecurity. And this problem will not fix itself. You can do all you want to educate yourself about current security threats and how to handle them, but if your end-users keep taking the same security chances over and over, your efforts will be in vain.
As Jonathan Yarden said in his column, “Increase user awareness to bolster security”:
“The horrible state of Internet security is due to an epidemic of ignorance. But companies can’t just sit back and accept this lack of knowledge. Developing end-user education opportunities in the corporate environment–and encouraging employees to take advantage of them–is one way for companies to diminish computer illiteracy.”
In an effort to diminish the computer illiteracy Yarden talks about, we have created an interactive end-user security quiz. This scored quiz asks questions about viruses, and Internet and e-mail usage. When a user chooses the wrong answer, he or she is given an explanation. We also point users to more TechRepublic sources on the subject at hand in case the quiz indicates a weakness in a particular area. As part of your end-user education, send this link to your company’s users to help enlighten them to their own behavior that may be putting your systems at risk.