Training
This is why each organization needs to train their employees with what they should and should not do, security wise. "Training should be creative, varied, related to real life, and frequent."(Tipton,2007) In addition "The attitude of the trainers should be to raise the awareness and behavior of the attendees to a higher level, not to explain the rules as if to criminals that they had "better behave or else.""(Tipton,2007)"Training for a user must include the proper use of the system and the reasons for the various controls and security parameters built into the system. Without divulging the details of the controls, explaining the reasons for the controls may help the users to accept and adhere to the security restrictions built into the system."(Tipton,2007) When users are fully trained with how to keep their information and others information secure, they must also be taught to always follow procedure. If an employee is told not to give away a user name or password unless some other important information is provided, then they must not give away that information unless that are 100% sure the user is valid.
Other Useful Tips Other things you can do to prevent Black Hat Hackers from accessing your systems include: Job Rotation and Segregation of Duties. Job Rotation will keep users learning and adapting to different parts of the organization. Job Rotation will also keep users from "getting used to" their job. If a user sits around doing the same thing day after day they tend to slack off more, a business owner will get more "bang for their buck" and overall security using this technique. Segregation of Duties is also vital to network security. Do not give a single user more access to information or more responsibility then is absolutely necessary. A good example of this is having one user input data, and another user to process the data. Should either users information get out, it is much less of a security risk then if they had control over the entire process.
Leave reply