US-CERT Bulletins: A user training tool for the overworked helpdesk

In offices that don't have technology staff members specializing in user training, it often falls to the helpdesk techs to make sure that people have the skills they need. This is a natural fit when a support pro has to help a user understand where they made a mistake. By definition though, the helpdesk has to focus on solving problems, and techs may have limited time to spend organizing optional training opportunities. If you don't have the time to put together training materials to cover those basic topics your users should know, I've found a resource that can help you.

Maybe you didn't realize that the federal government has an interest in increasing the computing competency of your less-technical users. It does, and I like to put Uncle Sam to work whenever I can, so I've been introducing my users to content from the US-CERT Technology Bulletins. US-CERT is the United States Computer Emergency Readiness Team, an organization affiliated with the U.S. Department of Homeland Security and charged with protecting the nation's computer networking infrastructure. Following the old adage that the "best offense is a good defense," US-CERT tracks all those things that are hazards for Internet users—software vulnerabilities, viruses, known exploits and phishing scams—and coordinates a response strategy for them. Information on the threats that are "in the wild" is made publicly available on their web site.

There's a lot of material which US-CERT provides that isn't of interest to anyone besides IT pros. My users don't need to know the technical details of a "heap overflow" or a "remote code execution vulnerability". Upon hearing terms like these, brows would furrow and eyes would roll. Not all of US-CERT's work is aimed at those of us in the propeller beanies, however. They've spent a great deal of time writing clear, concise and accessible articles that package computing information for the general user.

I encourage you to look at the Cyber Security Tips and the Security Publications sections of the US-CERT web site. There you can find easily digestible articles for your audience of non-technical colleagues on various principles of safe computing. US-CERT makes the articles available in a number of formats: RSS, email newsletter, and PDF download for the longer topics. Whether you decide to weave some of US-CERT's resources into your own training materials, or provide them unfiltered to your users, the work that US-CERT has done can save you from having to spend a lot of time documenting the basics of good computing habits. And who knows? Maybe their tips will help cut down on the number of people in your office who want to talk to you about the spyware problem they have at home.