-
Security awareness/training and security policy tips for tough times
15 Apr 2020It’s a tired subject at this point. Still, I still wanted to share some pieces that I’ve written on security awareness/training and security policies over the years that your business might benefit from to help get (keep) your arms around your remote workforce and overall information security program…no need to buy anything or hire anyone to help. The following are all you need to get rolling and/or fine-tune:
Security Awareness and Training
- Defining Your Overarching Goal for Email Phishing Testing
- How IT professionals undermine their own email phishing campaigns
- The politics of email phishing
- How to create a sample phishing campaign
- Smishing targets mobile users and IT must prepare to fight it
- How does phishing apply to mobile devices
- Creating an email phishing testing program for your users
- What desktop admins can do about email phishing
- An easy way to help protect against email phishing
- Minimize your online footprint to combat phishing
- What to include in an Exchange Server phishing test
- Throw users a line to thwart an email phishing attack
- Stop attackers from catching you in a phishing hack
- Top gotchas when performing email phishing tests
- The fallacy of information security awareness and training
- Social Engineering: The big risk no one’s thinking about
Security Policies
- Why you have to look past security policies for real improvements
- Best practice tips for your password policy
- Why you have to move beyond “We have a policy for that”
- Security’s gaping hole – policy enforcement
- Sample e-mail policy template and checklist of concerns
- Quick policy checklist
- Why you have to look past security policies for real improvements
- Five Reasons Your Employees Are Violating Your Security Policies
- When security policies are bad for business
- Security policies don’t get hacked. Why do they get all the attention?
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
